The Internal Revenue Service (IRS) is issuing a crucial reminder to car dealers and sellers to stay vigilant against the evolving threat of phishing and smishing scams that could disrupt daily business operations.
In light of a recent ransomware attack targeting car dealerships, the IRS warns individuals and businesses to be extra cautious. Scammers and identity thieves use tactics to trick recipients into clicking suspicious links, providing personal and financial information, or downloading malware.
Relentless Scammers: Stay Alert
Fraudsters are persistent in their efforts to steal sensitive information, often impersonating the IRS to do so. The IRS advises car dealerships to be particularly cautious with unsolicited messages and to avoid clicking any links in emails or texts if there is any doubt about their authenticity.
Phish or Smish: Don’t Take the Bait
The IRS has seen a surge in email and text scams targeting businesses and individual taxpayers. Alongside its Security Summit partners, the IRS continues to alert businesses like car dealerships to stay vigilant against email and text scams designed to compromise their systems.
Types of Scams to Watch For
- Phishing: Emails from fraudsters posing as legitimate sources. These emails aim to entice victims into providing sensitive information.
- Smishing: Text messages with alarming language such as, “Your account has been put on hold,” or “Unusual Activity Report,” often containing a bogus link to “restore” the account.
Protect Your Business: Best Practices
- Avoid Unsolicited Communications: Do not click on any links in unsolicited messages, as they may install malware or ransomware.
- Verify Sender Identities: Scammers often pose as trusted organizations, friends, or family members. Always verify the sender’s identity through an independent communication method, such as calling a known accurate number, not the one provided in the email or text.
- Use Multi-Factor Authentication: Setting up two-factor or multi-factor authentication with email providers can reduce the risk of email account compromise.
Action Steps if Targeted
- Don’t Respond or Click Links: Never respond to phishing or smishing messages or click on any URLs.
- Don’t Open Attachments: Attachments may contain malicious code that can infect computers or mobile devices.
- Report Suspicious Emails: Forward phishing emails with full headers to [email protected]. Avoid forwarding screenshots or scanned images as they remove valuable information.
- Delete the Original Email: Once reported, delete the original suspicious email.
For more information on protecting your identity and responding to phishing or smishing attempts, visit the IRS identity protection page.
Stay safe and protect your business from these evolving threats. Stay informed, stay cautious, and stay secure.
