TurboTax Phishing Scam Sends Personal Details to Third Party Hackers

April 1, 2016

There really is no foreseeable end to tax scams. That’s because they rely on the tried-and-true method of phishing, and phishing is incredibly successful for scammers. The Better Business Bureau of Central Oklahoma is warning of yet another scam involving tax preparation software, Intuit’s TurboTax. They may be the first to report this scam, but it will spread across the country rapidly if it hasn't already.

In this case, the scammers send phishing email messages with a subject line similar to “important privacy changes.” The message includes a link that will supposedly allow the TurboTax customer to “opt out” of having their personal details sent to a third party. However, clicking that link installs malware on the computer, and the hacker becomes that third party when the malware sends those personal details back to him.

Always keep the following in mind to avoid becoming a victim of this:

Make sure the “from” field has a known email address. It’s easy to mask these, so hover over it to make sure it makes sense to you. Even if the sender is shown as “TurboTax” or “Intuit,” the full email address may be completely different.

Pay attention to the wording in the message. If it has typos, poor grammar and spelling, or strange uses of English words, it’s likely phishing.

Sometimes we’re in a hurry and may not be paying as close attention to email as we otherwise would be. So, think first. If you haven’t used TurboTax in a while or at all, that is a dead giveaway that it’s not likely a legitimate email. Don’t let curiosity get the best of you.

Hover over URLs in email messages and make sure they go to places that you would expect them to send you. Pay particular attention to the address spelling. Scammers will often use an address that is extremely similar to the real one, replacing or omitting a single letter so that at first glance it looks legitimate.

If the message is coming to a different email address from what you normally use for TurboTax (or Intuit), it’s phishing. Just delete it.

In addition, if the browser you use has anti-phishing features, make sure they are activated. It isn’t a guarantee that phishing isn’t on the page, but it is another check.

Always have anti-malware software installed and kept up to date on your devices, and apply critical and security patches for all your software products and operating systems as soon as they are released.

If you are ever in doubt, then err on the side of caution and don’t react to the message at all. Just toss it right into the old “File 13.”
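The “from” field check and the hover-over-URLs check described above can also be automated. The following is an added example, not code from the original article or from Intuit. It assumes the trusted domains are intuit.com and turbotax.com, uses a constructed sample message, and compares only the last two labels of a host name instead of consulting a public suffix list.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: domains this recipient expects TurboTax/Intuit mail and links to use.
TRUSTED = {"intuit.com", "turbotax.com"}
BRANDS = ("turbotax", "intuit")

def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(host):
    """Return 'trusted', 'lookalike' or 'unknown' for a host name."""
    host = host.lower().rstrip(".")
    if any(host == good or host.endswith("." + good) for good in TRUSTED):
        return "trusted"
    # One letter replaced, omitted or added relative to a trusted domain.
    base = ".".join(host.split(".")[-2:])
    if any(edit_distance(base, good) <= 1 for good in TRUSTED):
        return "lookalike"
    return "unknown"

def check_message(raw):
    """List the reasons a raw RFC 5322 message looks like brand phishing."""
    msg = message_from_string(raw)
    findings = []
    name, addr = parseaddr(msg.get("From", ""))
    if any(b in name.lower() for b in BRANDS) and classify(addr.rpartition("@")[2]) != "trusted":
        findings.append(f"display name '{name}' but address is {addr}")
    for url in re.findall(r"https?://[^\s\"'<>]+", msg.get_payload()):
        host = urlparse(url).hostname or ""
        if classify(host) != "trusted":
            findings.append(f"{classify(host)} link host: {host}")
    return findings

# Constructed sample message (not a captured phish).
SAMPLE = '''From: "TurboTax" <notice@mailer.example>
Subject: Important privacy changes

Opt out here: http://turbotx.com/optout
Your account: https://www.intuit.com/
'''

if __name__ == "__main__":
    print("\n".join(check_message(SAMPLE)))
```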

© Copyright 2016 Stickley on Security