Tax Season Witnesses An Upsurge in Phishing Attempts: Follow These 6 Strategies to Ensure Cybersecurity
As South Africa's tax season officially begins, cybersecurity company Kaspersky is urging citizens and businesses to be vigilant against a rise in phishing scams that mimic communications from the South African Revenue Service (SARS).
Cybercriminals are exploiting the tax season to trick taxpayers, with phishing scams becoming harder to detect. These scams are no longer riddled with grammar mistakes; they are professional, timely, and dangerous. In fact, phishing accounted for 67% of cyber incidents reported by local companies over the past year in South Africa.
AI is now being used by attackers to write better emails and automate scam websites, personalizing messages and mimicking SARS voice prompts during call scams. This means that these phishing scams can appear incredibly convincing, making it essential for individuals to stay vigilant.
Kaspersky suggests several best practices to avoid phishing scams during the tax season:
1. **Be vigilant against phishing emails and messages** that mimic official SARS communications such as urgent tax refund notifications or eFiling alerts. These scams often use official logos, realistic language, and links to fake SARS portals.
2. Understand that phishing scams have become more sophisticated due to AI, which allows attackers to write highly professional emails without grammar mistakes, personalise messages, automate scam websites, and even mimic SARS voice prompts during calls.
3. **Always verify unexpected communications about financial changes**, such as requests to change banking details or alert emails, by contacting the relevant company, business, bookkeeper, or bank directly using a known and separate channel from the communication received.
4. **Avoid clicking on suspicious links or downloading attachments** from unverified sources, especially those claiming urgent tax-related actions.
5. For social engineering attacks including deepfakes, always validate claims with the other party through a different communication channel before taking any action.
These recommendations aim to reduce the risk of falling victim to increasingly professional and convincing tax-related phishing scams during the tax season in South Africa.
To stay safe during the tax season, users should also think before clicking, check the sender's address, go directly to the source (www.sars.gov.za), avoid downloading attachments, use updated security software like Kaspersky Next or Kaspersky Premium, stay informed about known scams, report phishing attempts to SARS and IT administrators, and check SARS's alerts about known scams at sars.gov.za.
It's important to note that there was a 29% year-on-year increase in various cyberattacks overall in South Africa. However, by following these best practices, individuals can significantly reduce their risk of falling victim to phishing scams during the tax season. Kaspersky blocked nearly 900 million phishing attempts globally in 2024, demonstrating the effectiveness of these practices.
Stay safe and secure during the tax season by staying vigilant and following these best practices.
- As technology advances, attackers are using AI to write better emails and automate scam websites, making phishing scams more professional and harder to detect.
- It's crucial to verify unexpected communications about financial changes by contacting the relevant company or organization directly and using a known and separate communication channel.
- Security software like Kaspersky Next or Kaspersky Premium can provide protection against phishing scams and other cybersecurity threats, playing a vital role in maintaining safety during the tax season.
