The calendar year and the holidays are winding down. Year end is busy for most organizations – from updating employee benefits to insurance plans. It also means it’s “time to kick into high gear” for hackers and their scams.
With many companies running with partial staff and employees taking on extra workloads, identity thieves see them as prime targets. That’s why training ourselves to be more cautious is crucial, especially during this time of year.
Every year, scammers start bringing out their old standbys for year’s end because people still respond to them. Here are some of the most common scam tactics to be aware of so you and your users can be ready.
Watch for These 4 Common Scams
1. Employee Benefits/Health Savings Account Scams
These types of scams rely on employees not being informed of company policies. The scammer will email the employee that their benefits will expire, or they need to renew them for the new year. They provide a fake website to “log in” and steal credentials.
Solution: Avoid this by asking the appropriate person in your organization about anything benefit-related. Don’t rely on random emails.
2. Microsoft (or other software) End of Year Upgrades
This type of scam involves an email telling you that your software is about to expire and that you need to send money to renew it. Scammers will try to scare you by saying your email account will be closed by Microsoft or something similar.
Solution: Always ask your IT team or managed IT provider about the status of your licenses. If you’re considering outsourcing all or part of your IT, check out Teal’s premier solution. We would be happy to be your partner, helping you manage your software licenses, maintain compliance, and secure.
3. Phone Call Scams ("Vishing")
With staff overworked, hackers are more likely to leverage employee exhaustion by calling directly instead of emailing. These types of scammers will pretend to be from the IRS, Microsoft, or some other group that needs credentials, passwords, or access to a computer.
- Remember, none of these organizations will call you out of the blue and make you resolve an issue on the spot.
- Even if the scenario is different, and you doubt the call’s legitimacy, take a breath and calmly end it.
- If you’re concerned that you ended a conversation with a legitimate organization, call them directly with a number you know. Then, ask if they can confirm the call.
4. Charity Scams
Many people want to contribute to charities toward the end of the year, and who doesn’t like making the world a better place? Scammers will take advantage of this to send fake charity emails – hoping people will send them money.
Solution: You can avoid these by navigating directly to the website of the charity you want to go to. Never send money to people who ask for it over email.
“Hopping on the Hot Topic” Scams
While this is not always an end-of-the-year scam, it’s something you should always be vigilant for. Scammers often watch the news to take advantage of confusion surrounding tax laws and other hot topics. They then craft phishing emails that involve these topics highlighted. Two that come to mind are the new federal student loan debt repayment program whose payments restarted in October 2023 or the Israel-Hamas War.
Scam example related to the Israel-Hamas War (KnowBe4)
Hackers may send fake articles for you to click, ask for your information to help you navigate something, or pretend to be government agents and demand money.
Solution: Always remember to think before you take any action and become a master of phishing prevention by following these best practices.