Emails with fake ShareFile links among the latest phishing tactics
There has been an uptick in instances of carefully targeted phishing attacks in relation to Tax Season over the past week, specifically with the use of fake ShareFile links. KRS is hyper-vigilant about these attempts and uses the utmost caution. In light of this, we want remind our clients how KRS sends and requests sensitive documents.
KRS only uses ShareFile for document sharing. For security reasons, we cannot accept files sent through Google Drive, Dropbox, etc.
You will receive a request for or be sent documents one of two ways: an email sent directly from one of our staff members with a ShareFile link, or an email from our ShareFile account with KRS branding. We will never use Google Drive, Dropbox, or any of the other popular file sharing platforms to send you documents.
Tax Season is a period of heightened phishing activity. Protect yourself and your information. Here are some tips for doing so:
- Before clicking a link, be sure to hover over the sender’s name and confirm the email address is authentic. Phishers can spoof the sender’s name, but will typically have a different email address once you drill down.
- If you are still uncertain, call or send a separate email to the requester to confirm the email is legitimate.
- Any KRS email coming directly to you through ShareFile will look like the one below. It will include KRS’ logo and name in the sub-domain.