Convenient holiday shopping, preparation for the upcoming tax season, critical year-end deadlines… Chances are – your online activity is heightened around this time of year. Unfortunately, cyber hackers know this fact all too well.

The IRS saw approximately a 400 percent surge in phishing and malware incidents during the 2016 tax season. Yikes.

As you continue to work towards running your small business as efficiently as possible, the last thing you’d want to deal with is a data breach. Cyber criminals are continually getting savvier, which is why it’s a good idea to be able to spot a scam right off the bat.

These are the top five things to look out for when an email reaches your inbox:


Scammers will often pose as the IRS, financial institutions, credit card companies, tax companies or software providers. They will claim that they need you to update your account or they’ll request that you change a password. These emails contain a link to a spoofing site that may look familiar and similar to the actual website.

The rule here is simple: Don’t click the link. If in doubt, go directly to the legitimate website to access your account.

2. An attachment.

Sometimes, scammers will actually include an attachment to the email. It may be infected with malware that can download malicious software onto your computer without you even realizing it. If it is spyware, it can track your keystrokes to obtain information about your passwords, credit card information and any other sensitive data.

Rule: Don’t open attachments from unknown sources.

3. A message from a “government agency” or “financial institution.”

Cyber hackers will attempt to frighten you into opening the email by posing as a government agency, financial institution or a tax company. They’ll try to imitate the official organization, especially tax-related ones during tax filing season.

Rule: Check the official agency first.

4. A message from someone claiming to be a friend.

Scammers will hack into email accounts and try to leverage the stolen email addresses. If you receive a message from a “friend” that doesn’t seem quite right, it probably isn’t. The email may be missing a subject line or contain an odd requests or language as underlying content.

Rule: Don’t trust your “friends.” :) If it seems odd, it likely is a scam.

5. A false lookalike URL.

The email you get may contain a URL of a web address. This is the scammer’s way of trying to trick you. For example, instead of, the lookalike may be

Rule: Verify the authenticity. You can do this by placing your cursor over the text to view a pop-up of the real URL.

Learning to recognize these telltale red flags will help you combat data loss. Be sure to share this knowledge with your staff members as well since your employees play a huge part in keeping your small business cyber – safe.

Learn more from the IRS by clicking here.

The original version of this article can be found here.