| Recent tax scams, as highlighted by the IRS and the FBI, continue to pose significant threats to taxpayers, exploiting various schemes to commit fraud and identity theft. The IRS’s “Dirty Dozen” list for 2023 underscores the variety of scams taxpayers and tax professionals should be wary of, not only during the tax season but throughout the year. Among these scams, the misuse of the Employee Retention Credit (ERC) has been notably aggressive, with scammers luring ineligible individuals with promises of significant refunds. Other popular cons are “professionals” offering to set up your IRS accounts (to steal your data), lying about fuel tax credits you can get, or fake charities exploiting your kindness to pocket donations. Other scammers try to bait people through phishing emails and texts, pretending you need to simply “update personal info” or something else seemingly non-nefarious. Like always, it’s smart to keep your personal info safe and be cautious of any surprise emails or calls pretending to be from the IRS or similar tax organizations. One small piece of advice: if you ever get questionable requests, check the IRS and/or FBI website for scam alerts to protect yourself, no matter how convincing the communication sounds. Sound rather daunting? Help is on the way… Google and Yahoo’s New Requirements The biggest vector for abuse happens when a bad actor can fraudulently use a business’s trusted emailing domain to send legitimate-seeming messages to their employees, partners, or users. Google and Yahoo have set new requirements that began taking effect in February 2024, focusing on enhancing authentication and anti-spam measures for emails, to stop spam, phishing, and fraud. These rules require emailers to secure their domains from fraudulent usage and apply to nearly every business that sends email to Gmail or Yahoo inboxes. These rules, once fully in effect, should make it much harder for scammers to leverage trusted domains to defraud users. However, it’s important to note that these changes won’t be fully implemented for this tax season. Google and Yahoo will gradually enforce these rules to give senders ample time to comply. This means that while some improvements in email security might be noticed, the full benefits of these new requirements in curbing tax scams and other phishing attempts will be more fully realized in future tax seasons. How to Avoid Tax-Related Phishing Attempts THIS Season Before the upcoming regulations fully take effect, forward-thinking businesses are proactively elevating their security measures, especially during tax season. Valimail is at the forefront of this movement – creating ways to keep brands reliable and customers feeling safe. Here’s how Valimail can assist. Valimail Align keeps you in step with the changing delivery rules of major providers such as Google and Yahoo, giving you peace of mind about your compliance across various services. With our automation platform, you can effortlessly align SPF and DKIM, ensuring your emails are delivered smoothly without gaps. Valimail Enforce offers a smarter and more efficient path to DMARC enforcement. Our dedication lies in crafting top-tier automation solutions that ensure ongoing enforcement without the hassle of manual SPF and DKIM setups. With our market-leading products, you can safeguard your domains and enhance email deliverability. We provide sophisticated sender intelligence, unlimited SPF lookups, and insightful analytics, all bundled into an easy-to-use application suitable for anyone. |
Source: Valimail