In the beginning of March, the United State's Internal Revenue Service (IRS) added phishing emails to its "Dirty Dozen"—a list of scams that affect taxpayers. This news comes to light alongside the latest security advisory from Barracuda Security Insight, which states that several phishing emails are being disguised as tax-related alerts to steal users' passwords.

How do phishing schemes work?

These phishing emails use urgent language and mention important terms like "tax refunds" or "tax arrears" to convince readers to open the attached document. Generally, the attachment is a Word document with a benign title like taxletter.doc. However, if opened, these attachments spread malware that run in the background and steal users' passwords. 

Hackers have evolved along with technology; the emails they send contain different file types and come from different senders in an attempt to evade detection. 

What best practices can you adopt to avoid becoming the next victim?

• Educate your users about phishing scams and spread awareness about targeted attacks.
• Use a third-party tool to scan all incoming emails and detect possible threats.

How can ManageEngine help?

ManageEngine Exchange Reporter Plus provides a host of reports that help you locate suspicious emails, both sent and received, based on keywords in their subject or body.

It also allows you to locate emails based on:

• Attachment name.
• Attachment type.
• Attachment size.

Once you identify that phishing emails have been received by your users, you can let them know what to look out for and remind them about the consequences of opening such emails.

In attacks where the content and sender information are varied, Exchange Reporter Plus can still help. Customize reports to include all the keywords these different emails use to detect malicious emails immediately.

If you're using Exchange Reporter Plus, the next time a suspicious email is received by a user in your organization—tax season or not—you'll know immediately.