What Is Phishing? | How to Avoid Phishing Scams
We are committed to providing timely updates regarding COVID-19.

What Is Phishing and How Do I Avoid It?

Protect your small business from phishing scams.

Phishing is, unfortunately, common. Fraudsters are sly, and they keep getting trickier. Both your personal and business information could be at risk.

To reduce your risk of being a victim, you should learn what phishing scams look like and how to protect yourself.

What is phishing?

Phishing is a fraudulent practice used to lure you into providing personal and financial information to a seemingly legitimate entity. Scams might target you or your business, asking for your Social Security number, employer identification number (EIN), tax information, passwords, bank account information, or employee information.

Email is the most common method for phishing, but scammers use many other methods as well. You can be contacted through phone calls, letters, fax, websites, and text messages.

What do phishing scams look like?

Phishing scams often carry a serious tone to scare you into handing over your information. You might receive messages like, “Your account will be closed” or, “Verify your identity.” Scammers often threaten jail time or legal action if you don’t provide the information or money they ask for.

Email and website scams often ask you to click on a link where you are prompted to enter personal information.

Phishing scams often appear legitimate because they use official logos or names of people you know. Scammers will often pose as the IRS, financial institutions, or important individuals in your business.

Be aware that the IRS will never initiate contact with you through email, text messages, or social media. The IRS initiates contact through mail. Scammers sometimes manipulate actual IRS letters as part of a phishing scheme. You can search your letter number on the IRS website to find out if it is real.

Your employees can also receive phishing scams. The IRS issued an alert about a scam that is emailed to payroll and HR employees, which asks them to send payroll data including employees’ Form W-2. The email looks believable because the scammers pose as a company executive.

What should I do if I receive a phishing scam?

Because there are many types of phishing scams, the action you take will depend on how you received the scam.

IRS-related phishing

If you receive an email claiming to be from the IRS, do not reply. Do not open any attachments or click on any links. Forward the unaltered email to phishing@irs.gov. Then, delete the original email.

If you receive a phone scam from someone who claims to be from the IRS, fill out the “IRS Impersonation Scam Reporting” at tigta.gov.

For other IRS-related phishing attacks (phone calls, letters, faxes, text messages, and web pages), go to the IRS page about phishing to learn how to report the scam.

Non-IRS-related phishing

If you receive a phishing email that does not claim to be from the IRS, forward the unaltered email to spam@uce.gov and/or to reportphishing@antiphishing.org.

What do I do if a phishing scam tricks me?

If you are tricked by a phishing scam, file a report with the Federal Trade Commission.

Phishing victims can become identity theft victims. Carefully watch your business’s bank account and financial statements. Look for unusual bills. Watch out for manipulated or falsified business filings. Look for misuse of your EIN or other business information.

If you gave employee information to the scammer, alert your employees. Employees should check their credit scores, bank accounts, and anything else related to their identities.

How do I protect myself against phishing?

Here are some things you can do to reduce your chance of being a victim of a phishing scam:

  • Use security software and strong passwords on your computer.
  • Do not open links or attachments from unknown or suspicious email.
  • Never email personal or financial information.
  • Secure personal and business information.
  • Learn to recognize scams.
  • Teach your employees how to avoid phishing scams.

The more secure your business is, the safer you, your employees, and your business will be.

With Patriot’s payroll software, your payroll information is protected. We use the same encryption as banks, and our servers are housed at a fully-secured data center. You can trust us with your business’s payroll. Try our inexpensive payroll software now.