With the everchanging COVID-19 pandemic, “threat actors” are increasing their focus on Phishing emails and other creative methods of attack. To assist in securely communicating with Bennett Thrasher or any other company/individual, we wanted to provide these helpful safety tips when communicating sensitive information over the internet:
- Never send sensitive information (account numbers, Social Security numbers or other documents that contain these types of information) via unsecured email, text message or any other non-encrypted method. Bennett Thrasher will never request this type of information via email and provides all clients a secure portal. If you need information or help logging into your client portal, please contact your tax advisor.
- Always check email addresses when receiving and sending emails (especially in a ”reply” email). Phishing and Spoofed emails commonly use similar email addresses of known contacts as a way to deceive the recipients. The “from” email address can easily be manipulated by these threat actors. When communicating with Bennett Thrasher associates, emails will only come from our email domain or from our portal service (example: firstname.lastname@example.org or DoNotReply@cch.com).
- When clicking on links in email communications, always hover over the hyperlink to confirm the address that appears in the window is the same as the expected destination. The safest method for accessing websites displayed within an email is to enter the intended address into your browser.
- When using websites that have any type of login (especially ones that may contain sensitive or financial information), make sure it is a secure site. Look for the “HTTPS” in the beginning of the web address. This is one of the various indicators that will help you validate a secure website.
- Emails with a “Call for Action” or giving a sense of urgency are prime ways threat actors try to trick you.
As with any of your tax-related questions, please do not hesitate to email or call Bennett Thrasher if you are suspicious about any communication claiming to be from Bennett Thrasher or one of our associates.