Protect Your Data from Tax-Time Hackers

Protecting your data is especially important during tax season, when sensitive information about your business and your employees is susceptible to attack by would-be identity thieves. Faux calls and emails from attackers posing as representatives of the IRS or even managers within your organization are commonplace and can lead to the theft of information from unsuspecting employees. Luckily, there are steps you can take to bolster your security during this time of increased vulnerability.

As Eric Cernak, U.S. cyber and privacy risk practice leader at Munich Re, noted, W-2 phishing attacks are just one popular method of thievery amongst digital ne’er-do-wells. Ransomware is also increasingly popular amongst hackers, he said. In a ransomware attack, hackers generally infiltrate a system and encrypt large swaths of a company’s data. They then demand a payment in cryptocurrency, usually Bitcoin, in return for decrypting and returning the stolen data.

“These types of attacks can be costly for a (small business) in terms of productivity and dollars,” Cernak said. “Additionally, with the current value of virtual currency, ransomware attacks are costing small businesses more and more in terms of real dollars, not to mention the interruption to their business income and cost to restore files should they decide not to pay the ransom.”

While these types of attacks are particularly prevalent during tax season, cybersecurity is no seasonal game – it’s a 24/7/365 defensive slog, said Adam Levin, chairman of data protection company IDT911, which is now known as CyberScout. He added that small businesses might feel as though they aren’t a prime target because of their size, but that hackers often target small businesses to gain access to bigger companies they work with. As a result, every business large and small must remain vigilant.

“As a business you are a defender, and as a defender in the cyber world we live in, you have to get everything right,” Levin said. “As an attacker, you just need to find one point of vulnerability that might only be open for a moment or two, but then you’re in.”