This afternoon, I was answering email and I accidentally clicked on Outlook’s “File Information.” I happen to notice that the last login was from Buffalo, New York. I’m just 3,000 miles away in Las Vegas, so I immediately sent a message to my IT person. He both reassured me and made me worry–a lot.
No, no one from Buffalo had logged in. However, someone was trying to log in, and per the IT logs someone was actively trying to break into our email server using a brute force technique from somewhere in Asia (spoofing various US cities). I suspect they think that from the email server they can then get into our regular network (they can’t; they’re completely separate). Still, my IT person wanted to immediately implement a couple of new security procedures for our email and I gave my go-ahead. I’m not going to detail them (sorry, hackers), but they should make it far, far more difficult to even try to break-in.
The reason I bring this up is that tax professionals are targets. We have a ton of wonderful information that hackers want (lots and lots of personal information), and I’d prefer not to have to use my cyber insurance. If your IT person/department is not periodically checking your logs to see if you’re being targeted, you need to rectify that immediately. I didn’t know that hackers were targeting email servers, but they are. So be vigilant tax professionals: We’re under attack.