SoylentNews is people
SoylentNews
If you filed your IRS (US Internal Revenue Service) income tax forms through someone else, and that list gets into the hands of phishers, do you think you could detect it?
A lot of people fall for this. Hard. Gizmodo reports:
A lot of people are falling for them: A study of 150,000 phishing emails by Verizon partners found that 23 percent of recipients open phishing messages, and 11 percent open attachments. Is that not crazy? One in 10 people opens an attachment when they have no idea what they’re opening.
And it happens fast: It takes an average of 82 seconds from the time a phishing campaign is launched, until the first sucker bites. And this isn’t just phishing in people’s Gmail accounts. It’s happening on sensitive business and government accounts where the targets should theoretically know better.
Another article in Wired is reporting:
Typically, it takes months if not years to uncover a breach. In 2012, for example, FireEye reported that the average cyber-espionage attack continued unabated for 458 days before the victim discovered the hack.
[More after the break.]
I have received numerous phishing emails. So far, I have recognized them because I knew the people I am dealing with and when something outlandish comes up, I call 'em. However, these days, who knows anybody at these big, monolithic, and automated tax-collection centers, and who wants to take the risk that an ignored IRS email is indeed fake?
I have been holding out as long as I can against having anything to do with the government on the internet. I flat out do not trust the internet when it comes to email. Any of us can tell if it's some casual friend chitchat, but when mail arrives looking like it's from your bank and money is involved, it gets noticed. With the the advent of things like Electronic Funds Transfer, things can happen behind our back, and we ignore the email at our peril....
Many of us here know just how easy it is to make an extremely legitimate looking business email. It would really bother me to receive demands from compliance from some entity purporting to represent the IRS via email, with no way for me to know for sure it's bogus without taking the bait.
How many of you filed your IRS returns electronically? How do you protect yourself from phishing attacks?
(Score: 1) by kadal on Thursday April 16 2015, @02:00PM
That is a great suggestion. Except that it requires that the government get it's ass together...
(Score: 2) by kaszz on Thursday April 16 2015, @02:54PM
We can't have that happening, can we? :D
Just imagine an email inbox where emails that has the proper digital signature (like S/MIME?) would be marked by the email client as such and thus enable users skip the noise and to read the important stuff right away.
(Which would require a central 2000 GFlops mainframe at the headquarters in 24 carat gold with lots of important people in black cars and of course a salary bonus to match ;-) )
(Score: 0) by Anonymous Coward on Thursday April 16 2015, @04:01PM
Especially not when so many elected officials have a vested interest in proving their party line, that the government can't do anything right.
(Score: 0) by Anonymous Coward on Thursday April 16 2015, @08:15PM
FYI, it appears that you squished together 2 memes:
- get its shit together
- get its ass in gear
You should pick one and go with that.
(Colloquial English can be confusing.)
...and a pronoun never needs an apostrophe to make it possessive.
-- gewg_
(Score: 2) by kaszz on Friday April 17 2015, @10:02AM
Thanks for the heads up on spelling.