Security advice for the upcoming holiday & tax seasons
December 20, 2018

by the Harris Corporate IT team

Holiday Scams

The holidays are when many of us travel to spend time with family and friends, make donations to help those in need and endeavor to find a great deal on perfect gifts. Unfortunately, this is the time when malicious actors take advantage of our holiday spirit and generosity. Not only are they looking for the eager shopper to go to an infectious website accidentally, they actively solicit us by sending malicious emails, setting up fraudulent charities on social media sites, and various other means.

Online Safety during the Holidays

Online shopping can be the way to get great deals on perfect gifts without the hassle of waiting in long lines. To make sure online purchases are secure there are a few things to keep in mind. Be careful when clicking links in emails sent to you by retailers. The best bet is to go to the retailer’s website directly from your browser rather than clicking links in emails. Make sure you have typed the correct website address as sometimes one wrong letter could land you on the wrong page. The same is true when you receive shipping notifications. Be wary of any request for payment from strange sources such as prepaid gift cards, wire transfers, etc. as they cannot be traced or undone. When tracking a package via email, verify that you made the purchase referenced and that the sender of the notification is from a legitimate source. Email is one of the most popular means that malicious actors may use to trick us into divulging information or infecting our systems. Be aware of e-cards, “free” gift-cards, and even letters from Santa with special deals that appear in your inbox.

Social media is another way malicious actors use to take advantage of our generosity during the holidays. Be very cautious when participating in “gift exchanges” on social media and verify the source of any charity before making donations.

It is also worth noting that these scams are not isolated to cyber activity. Malicious actors do not just hide behind the computer to attempt these scams, they make phone calls and send snail mail too.

Holiday Travel Mobile Device Security

Although we want to get away and travel to visit friends and family during the holidays, we still want to stay connected. There are a few things to keep in mind when traveling with your mobile device. Keep your mobile device close to you at all times and password protect it. Be aware of the inherent risks of your mobile device, which are essentially the same as your laptop or any other Internet-connected device and take necessary precautions to keep it secure. Avoid using public Wi-Fi networks at places like airports, hotels, etc. to conduct corporate or personal business that may expose sensitive or confidential information. Turn off Bluetooth when it is not needed and be cautious when using charging stations that you do not control.

Tax Scams

As the holiday season ends, tax season immediately follows. Filing taxes is not a fun way to start a new year, but it is a necessary evil that we all have to get done by the deadline. Filing taxes and paying fees or overages is time consuming, costly and stressful. The last thing we want is to get an email or phone call from our tax authority stating that we are late filing, still owe money or there are other problems taxes. Malicious actors take full advantage of this fact in hopes to manipulate us into responding quickly to avoid trouble. Always be cautious when you receive requests by either mail, phone, email or even text messages that appear to be from the tax authority requesting your personal information or payment. These requests are an attempt to steal your identity, fraudulently file taxes using your information or outright steal your money.

Many of these scams are very sophisticated and hard to detect. The best way to know if you are being scammed or if the request is legitimate is to know the processes by which your tax authority will communicate with you. Visit your tax authority’s official website by typing in the website address in your browser, such as “”. NEVER CLICK a link to visit these sites from any email or text message regardless of how official they appear, as they are most likely spoofed. Do not provide any personal or banking information without validating the request first. Always remember, the tax process is not quick, so do not be fooled that you have to provide information immediately or there will be dire consequences.

Don’t Get Scammed

Regardless of the season, the tactics that malicious actors use to scam you are similar. There are a few things you can do that will help prevent malicious activity directed toward you, your information or system:

  • Think before you click - If you receive a message from someone you know with a link in it, ask your self these questions before you click:

Is this message really from who I think it is and does the email address match my records?

Is this request or content typical for the type of communication I usually receive from the sender?

Does the content look suspicious, have misspellings, or poor grammar?

Better yet, type in the destination website in your browser yourself instead of clicking the link.

  • Don’t tell solicitors - Never provide sensitive information including passwords to a solicitor. NO ONE should ever call, write or text you and request your information. If you initiate a request and provide sensitive information that is different. For example, if you call your bank for assistance with your bank account, you would provide your account number. A “bank” would never call you to ask you your account number.
  • Think before you respond - If an email, text or phone call seems a bit “off” it most likely is. Take your time to think about the scenario you are dealing with and if something seems strange or if you are not comfortable with the situation do not respond or hang up if it is a phone call.
  • Nothing is free. Remember, if it seems too good to be true, it most likely is.

These are just a few things you can do to help protect yourself from being scammed.

Helpful Links:

Protect Yourself against Fraud