Educause Security Discussion mailing list archives

Re: Tax-themed phishing exercises


From: "Dixon, Cameron" <cameron.dixon () HQ DHS GOV>
Date: Fri, 20 Apr 2018 16:18:05 +0000

Two statutes worth being aware of with regard to tax-themed phishing:

* https://www.law.cornell.edu/uscode/text/31/333
* https://www.law.cornell.edu/uscode/text/18/709

One is Treasury-specific, but IRS takes these very seriously!

The U.K.’s NCSC has great commentary on phishing your users, which really resonates with me: 
https://www.ncsc.gov.uk/blog-post/trouble-phishing



- - - -
Cameron

________________________________
From: The EDUCAUSE Security Constituent Group Listserv on behalf of Boyce, Rori
Sent: Friday, April 20, 2018 8:51:54 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Tax-themed phishing exercises

This makes perfect sense, thanks for the heads up!

From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Hassler, Karl D.
Sent: Thursday, April 19, 2018 3:49 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Tax-themed phishing exercises


Just an FYA for those of you engaged in phishing exercises with your communities: The IRS strongly discourages 
tax-themed phishing exercises because they can end up being reported to phishing () irs gov 
and divert agency attention and personnel from investigations of actual phishing scams. They’ve had incidents where 
organizations construct payroll-themed lures which make employees/recipients believe they are victims of a stolen 
identity refund fraud (SIRF) or the business email compromise (BEC) / business email spoofing (BES) W2 scam. 
Recipients promptly emailed phishing () irs gov, called the IRS, contacted their tax 
professionals, etc., which generated a lot of confusion.



Remember, you want to get people’s attention and reinforce best practices. If you’re too convincing, you can set off 
an Orson Welles-like panic. Tax phishes, especially at this time of year, have the potential to elicit calls to the IRS.



TLP: Amber


Karl Hassler, CISSP
Director,  IT Security Policy & Compliance
302-831-3750
302-489-9788


