Meet Ai3, the DTEX Risk Assistant. Fast-track effective insider risk management with guided investigations.



A Human-centric Approach to Operational Awareness and Risk Management.

Insider Risk Insights - DTEX Blog
  • Home
  • Press
  • Dtex April Insider Threat Alert: Tax Season May Lead to Increased Employee-Driven Data Breaches, Privacy Violations

Dtex April Insider Threat Alert: Tax Season May Lead to Increased Employee-Driven Data Breaches, Privacy Violations

Cybersecurity Experts Offer 10 Tips for Effective Defense Against Tax Season Cyberattacks

SAN JOSE, CA — April 6, 2017 – Dtex Systems, a leader in insider threat intelligence, today released an insider threat alert for April 2017. The alert reminds public and private sector organizations that attacks utilizing tax season scams typically increase this time of year, with cybercriminals taking advantage of vulnerable employees in HR, accounting and other departments that frequently access and share employee, contractor and partner tax information. In a typical scam, criminals impersonate colleagues and top leaders, send convincing phishing emails requesting employee W2 forms and other tax related data, and trick vulnerable employees into sharing information via email and cloud file sharing apps.

According to the Internal Revenue Service (IRS), tax-time cyberthreats are at an all-time high. As early as February, the IRS warned that email schemes targeting payroll professionals and human resources personnel were already underway. In fact, tax-related scams are part of the IRS’ “Dirty Dozen” ( threats to watch for.  Additionally, in 2016, the IRS reported that tax-related cyberattacks rose 400 percent.

Effective Defense Needed

To reduce the impact of insider threats during tax season and year round, Dtex recommends that enterprise security teams take several key steps:

Always be vigilant and instill a security mindset among your employees. During seasons when targeted attacks rise, make sure your employees are warned in advance and often about what to be aware of.Improve on and off-network monitoring of user behavior.Increase visibility over tools and employees prone to credential theft.Examine behavior of employees who have recently joined the company, are planning to leave the company or are contractors.Pay attention to employees who violate company policy, which is often an early indicator of potential risk.Don’t rely completely on legacy technologies. These often provide overwhelming reams of data but low visibility and few actionable insights into user behavior.Close the skills gap by providing formal and informal training to all security team members.Focus on the point closest to the user itself: the endpoint.Remain vigilant to anomalous behavior from employees that deviates from the norm.

Supporting Quotes:

“Not all insider threat-driven data breaches are the result of malicious insiders. In fact, most are caused when vulnerable employees fall prey to scammers who know that most of their victims will release data at the request of a peer or superior, or someone impersonating either,” said Christy Wyatt, CEO of Dtex Systems. “Chances are, most organizations’ employees who are assigned HR and accounting tasks are overwhelmed this time of year. Businesses that want to make sure that employees with access to sensitive data are protected from seasonal attacks need to ensure that they have visibility into what their users are doing online and alerts telling them when something suspicious takes place.”

“All it takes is one employee clicking on a tax-related phishing email for a malicious actor to enter the organization’s network. In fact, we’ve found that over 68 percent of all data breaches can be attributed to these types of employees,” said Bahman Mohbad, COO of Dtex Systems. “Once a malicious actor is in the network, it exposes not only the individual user’s information but sensitive company data and IP as well. In our experience, enterprise organizations cannot rely simply on training and simulation tools to mitigate threats completely due to human nature. These same organizations have found that by increasing visibility into user behavior around tax season – particularly on tools that are prone to credential theft – they are able to better protect themselves and prevent material damage.”

“With cyberthreats during tax season at an all-time high, organizations need to take charge and defend themselves and their employees against hackers,” said Mohan Koo, CTO and Co-founder of Dtex Systems. “An organization’s greatest asset – employees – can also be its most vulnerable point. In addition to helping users recognize potential threats, it is critical that an organization focuses its efforts on understanding user behavior at the point closest to the user itself: the endpoint. With technology that provides these insights, security teams will be able to better spot anomalous behavior from an employee and identify potential threats in real time should a hacker infiltrate the company network through a tax-time scam.”

About Dtex Systems

Dtex Systems arms enterprises across the globe with revolutionary technology to protect against user threats, data breaches, and outsider infiltration. As the only solution combining unparalleled endpoint visibility with advanced analytics, Dtex is able to pinpoint threats with greater accuracy than traditional security methods without adversely impacting user productivity. To learn more, visit