Social Engineering Attacks to be Aware of This Tax Season

As South Africans prepare to file their tax returns from 7 July, cybercriminals are also gearing up. Tax return time becomes open season for cybercrime, and this year is expected to be worse due to many people working from home on various devices connected to unsecured networks.

Although cybercriminals employ other, more sophisticated tactics, social engineering scams are the low-hanging fruit, particularly during tax season. The good news is that everyone can take steps to avoid falling victim to a social engineering tax scam.

Types of Social Engineering Attacks to watch out for

Cybercriminals actively exploit the stress and uncertainty surrounding tax season. Attacks often manifest as phishing email campaigns or phone calls from individuals claiming to be from the South African Revenue Service (SARS). To appear legitimate, scammers may utilize stolen personal information, such as identity numbers.

Cybercriminals adopt a “spray and pray” approach for phishing campaigns, sending thousands of emails with hopes of ensnaring at least one victim. On the other hand, spear-phishing attacks involve targeted phishing emails personalized to appear as if they were sent by someone familiar to the recipient. While spear phishing was once challenging to execute, advanced cybercriminals now employ machine learning and artificial intelligence to enhance the effectiveness of these attacks.

Who Are the Targets of Social Engineering Attacks During Tax Season?

Small business owners, new taxpayers under 25, and older taxpayers over 60 become prime targets for tax refund scams during tax season. Cybercriminals perceive these individuals as potentially less informed about tax policies and more susceptible to emotional manipulation. For instance, scammers may claim that the victim has missed a crucial tax deadline and apply pressure for immediate action.

How to Protect Yourself Against Tax Scams

Understanding what to look for and how to handle suspicious emails or phone calls can help individuals avoid falling victim to social engineering attacks during tax season. Here are some tips for effectively defending against such attacks:

Look for grammatical errors and typos in emails, as phishing emails often contain noticeable mistakes.
Be skeptical of unexpected emails or phone calls claiming to be from SARS or governmental agencies. If in doubt about the legitimacy of a sender or caller, avoid providing any information and contact SARS directly for verification.
Refrain from sharing personal information, such as identity numbers or credit card details, over the phone or via email. Scammers may try to pressure individuals into immediate action, but it’s important to hang up or delete the email.
Inform family and friends who may be vulnerable to such attacks, sharing cybersecurity information and encouraging them to get educated. The Fortinet NSE Training Institute offers cybersecurity awareness training covering essential terms, cybercrime motivations, attack methods, and protection tactics.
Use a VPN when connecting to public Wi-Fi to prevent attackers from spreading ransomware. Connecting to a virtual private network (VPN) creates an encrypted “tunnel” for data transmission, ensuring privacy and security. It’s crucial to choose a trusted VPN provider.
Implement firewalls and advanced endpoint protection to prevent attacks. Next-generation firewalls (NGFW) scan both incoming and outgoing traffic, identifying malware and other threats. Equipping employees with advanced endpoint protection reduces the attack surface, detects and neutralizes potential threats in real time, and automates response and remediation procedures.
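The first three tips above (typos, unexpected messages claiming to be from SARS, requests for identity or card details under time pressure) can be turned into a simple triage check that a mail team or a cautious individual can run over a suspicious message before acting on it. The script below is an added example and is not part of the original article or any Fortinet product; it assumes sars.gov.za is the official SARS mail domain (verify this against SARS's own published contact details) and uses two constructed sample emails, one phishing-style and one benign.

```python
"""Heuristic triage of a tax-season email for social engineering indicators (added example)."""
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: official SARS mail domain. Confirm against SARS's published contact details.
OFFICIAL_SARS_DOMAIN = "sars.gov.za"

# Pressure language typical of the "you missed a deadline, act now" pattern.
URGENCY_PHRASES = ("immediately", "within 24 hours", "final notice",
                   "missed the deadline", "account will be suspended")
# Details a legitimate process would not ask for by email reply or through a link.
SENSITIVE_REQUESTS = ("identity number", "id number", "credit card", "card number",
                      "banking details", "password")
# Common misspellings that awareness guidance tells readers to watch for.
TYPO_MARKERS = ("recieve", "adress", "verifiy", "goverment")


def _is_official(host: str) -> bool:
    """True if host is the assumed official domain or a subdomain of it."""
    host = host.lower()
    return host == OFFICIAL_SARS_DOMAIN or host.endswith("." + OFFICIAL_SARS_DOMAIN)


def sender_domain(from_header: str) -> str:
    """Return the real domain from a From: header, ignoring the display name."""
    _, addr = parseaddr(from_header)
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def claims_to_be_sars(from_header: str, subject: str) -> bool:
    """Display name or subject invokes SARS, regardless of the actual sender address."""
    name, _ = parseaddr(from_header)
    return "sars" in name.lower() or "sars" in subject.lower()


def triage(raw_email: str) -> dict:
    """Score one RFC 822 message and explain every indicator that fired."""
    msg = message_from_string(raw_email)
    from_header = msg.get("From", "")
    subject = msg.get("Subject", "")
    body = "" if msg.is_multipart() else str(msg.get_payload())
    text = f"{subject}\n{body}".lower()
    reasons = []

    domain = sender_domain(from_header)
    if claims_to_be_sars(from_header, subject) and not _is_official(domain):
        reasons.append(f"claims to be SARS but sender domain is '{domain or 'missing'}'")

    hits = [p for p in URGENCY_PHRASES if p in text]
    if hits:
        reasons.append("urgency language: " + ", ".join(hits))

    hits = [p for p in SENSITIVE_REQUESTS if p in text]
    if hits:
        reasons.append("asks for sensitive details: " + ", ".join(hits))

    hits = [t for t in TYPO_MARKERS if t in text]
    if hits:
        reasons.append("misspellings: " + ", ".join(hits))

    # Any link pointing somewhere other than the assumed official domain.
    for host in re.findall(r"https?://([^/\s>\"']+)", body):
        if not _is_official(host):
            reasons.append(f"link to non-SARS host '{host.lower()}'")

    score = len(reasons)
    verdict = "likely phishing" if score >= 2 else ("suspicious" if score == 1 else "no indicators")
    return {"verdict": verdict, "score": score, "reasons": reasons}


# Constructed sample messages (not real mail); the phishing domain is a fictitious .example host.
PHISH_SAMPLE = """\
From: SARS eFiling <refunds@sars-refund-claims.example>
Subject: Final notice: you have missed the deadline for your tax refund

Dear Taxpayer,

You have missed the deadline to recieve your refund. Confirm your identity number
and banking details immediately at http://sars-refund-claims.example/verify or your
account will be suspended.
"""

LEGIT_SAMPLE = """\
From: SARS <noreply@sars.gov.za>
Subject: Your tax return has been received

Thank you for submitting your return. No action is required. You can view the
status at https://www.sars.gov.za/ once logged in to eFiling.
"""

if __name__ == "__main__":
    for label, sample in (("phish", PHISH_SAMPLE), ("legit", LEGIT_SAMPLE)):
        result = triage(sample)
        print(f"{label}: {result['verdict']} (score {result['score']})")
        for reason in result["reasons"]:
            print("  -", reason)
```

The check deliberately reports every indicator rather than a single yes/no, so a reader can see which of the article's warning signs fired; a message that merely invokes SARS is not flagged on its own, because the real decision rule is the mismatch between the claimed identity and the actual sender or link domains, which is exactly what "contact SARS directly for verification" resolves.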

Educate Yourself and Stay Safe During Tax Season

Understanding the signs of a social engineering attack can protect individuals from falling victim during tax season. By learning how SARS communicates with individuals, recognizing legitimate messages, and understanding which information should be provided, individuals can stay one step ahead of cybercriminals and keep their data secure.

Report any SARS-related phone or email scams to or contact the Fraud and Anti-Corruption Hotline at 0800 00 2870.

By Aamir Lakhani, Senior Security Strategist, Fortinet