Press Release: With Tax Season in Full Swing, CPAs Are Warned

Accountants and tax professionals are being warned of a very real cybersecurity threat through the use of old fashioned methods.

Normally cyber criminals attempt to hack business systems through the internet – often by breaking into someone’s email, or looking for weak passwords.

But security researchers have spotted a rise in the use of USB drives sent by mail to CPA firms and small tax preparation businesses. The attacker will pose as an existing client sending in requested documentation last minute for their tax return.

“These drives turn up in a Priority Mail or FedEx envelope with a vaguely written letter about requested documentation for their pending tax return” explained Mark Langenfeld, of DMDS SmartBundle™, a cybersecurity and cloud services provider specializing in the finance and accounting industry.

“These criminals are hoping someone in the business will open the package, believe it's legitimate and ultimately plug the USB drive into a workstation"

Mark added - “By doing this they give the hacker direct access to not only their computer, but others on the company network. This includes critical systems such as a file server, all remotely through malicious software loaded on the USB drive."

“With tax season underway, we're warning accounting and tax professionals about this alarming threat."

Cybersecurity experts recommend all businesses should be providing employees with mandatory security training. In fact commercial insurance providers have responded to the steep rise in exploits, hacks and IT security issues over the past 18 months by raising premiums and requiring policyholders to have some level of cybersecurity training available.

The team at DMDS SmartBundle™ is offering small businesses a Network & Security Assessment at no cost or obligation. They're available at (866) 432-3385 or by email contact@smartbundle.ai