Security awareness

The Ultimate Tax Scam Season Security Awareness Program

Megan Sawle
February 6, 2018 by
Megan Sawle

The last week in January marked the opening of the 2018 tax season — and unfortunately for taxpayers everywhere — the start of the annual tax scam phishing season.

According to the IRS, reported phishing attacks jumped from 100 incidents in 2016 to 900 in 2017 — a whopping 800% increase in just one year. 200 employers were specifically targeted, resulting in hundreds of thousands of compromised employee identities.

Role-appropriate training to your entire workforce

Role-appropriate training to your entire workforce

Get a free year of cybersecurity skills training with your security awareness training purchase.  

To help our SecurityIQ clients prepare for the impending onslaught of tax-related scams, we’ve compiled a list of common tax schemes and a complete tax scam season awareness program.

Here’s a quick look at the common scams targeting your employees right now:

1. W-2 Phishing Scam Targeting Payroll Employees

The Form W-2 scam is one of the most effective phishing techniques used to target payroll employees. In this scam, hackers impersonate senior-level employees and request access to employee W-2 forms and other personal information like addresses, salaries and social security numbers. Once acquired, hackers use the data to file fraudulent tax returns or resell the information to other cybercriminals.

Tip: Run a SecurityIQ spearphishing campaign alongside our Spearfishing module to educate your payroll team about tax-related scams. If they detect a potential attack, ask them to report it directly with the PhishNotify plugin and to

2. Phishing Scams Targeting All Employees

Hackers often impersonate the IRS to trick taxpayers into sharing personal information. Usually conducted through a phishing email, hackers will often request information about refunds, filing status, personal information, transcripts and PIN information.

Tip: Make sure everyone in your company understands the IRS will not — in any situation — initiate contact with taxpayers by email, text messages or social media channels. Enroll your employees in our Phishing Brief module and tax-related phishing simulations to prepare them for hacking attempts.

3. Phishing Scams Targeting Tax Professionals

Tax professionals are often targeted by hackers attempting to steal taxpayer identities. These attacks come in a variety of forms, including e-service scams and tax software account credential requests.

Tip: We recommend sending our Protecting Federal Tax Information module to employees who handle taxpayer information. Pairing tax-related phishing simulations with our Malware and Phishing Brief modules will also reinforce the dangers of malicious links and file downloads.  

4. IRS Impersonation Telephone Scam (Vishing)

Telephone scams, or vishing, target individuals through direct calls. Hackers pose as IRS officials and typically demand payment for taxes owed. These calls are very aggressive and well-planned — even the caller ID is often altered to appear as if the caller is from the IRS.

Tip: Enroll your users into our Vishing module. It explains what vishing is and how hackers use this technique to collect personal and banking information.

SecurityIQ Tax Scam Season Awareness Program

To help you prepare your workforce for tax-scam season, we’ve compiled a short two-week awareness campaign based on the tips above. Even if you’ve ran these modules in the past, a refresher course can boost employee defenses against tax-related hacking attempts.

Need help deploying this campaign? Contact your SecurityIQ representative to get started.

Content Week 1 Week 2

Phishing simulations* PriorTax Account, Tax Form Management Access, Protecting Federal Tax Information module (for payroll, finance teams) TaxSlayer Account Information, Free Tax USA New Account

Awareness modules Phishing Brief, Social Engineering Brief, Vishing Spearphishing, Malware Brief  

Supporting Communication Tax Scam Season notification email 

*Please note: The IRS requests to you do not use the IRS logo in any phishing simulations.

Source: Tax Scams, IRS

Get six free posters

Get six free posters

Reinforce cybersecurity best practices with six eye-catching posters found in our free poster kit from our award-winning series, Work Bytes.


Megan Sawle
Megan Sawle

Megan Sawle is a communications and research professional with 10 years of experience in cybersecurity, bioscience and higher education. Megan leads Infosec’s research strategy, leveraging study findings to mature its cybersecurity education offerings and build awareness of cybersecurity diversity and skill shortage challenges. Since joining the team, she’s directed research projects on a wide variety of cybersecurity topics ranging from dark web marketplaces and phishing kits to the Workforce Framework for Cybersecurity (NICE Framework) and the importance of soft skills in cybersecurity roles. Megan is a University of Wisconsin-Stout graduate, an avid equestrian and (very) amateur mycologist.