Every year, cybercriminals exploit tax season to target businesses with fake IRS notices, W-2 requests, and payroll redirect scams. This year is no different — and the attacks are more convincing than ever thanks to AI-generated phishing emails that look nearly identical to legitimate communications.
Here’s what to watch for:
Emails claiming to be from the IRS requesting “immediate action” — the IRS does not initiate contact by email
Requests from “HR” or “Payroll” asking you to update your direct deposit information
Fake DocuSign or PDF links asking you to verify your identity before viewing a tax document
If you receive any of these, do not click links or download attachments. Call the sender directly using a number you already have on file.
Marmic clients: your systems are monitored 24/7 and our helpdesk team is one call away if something looks off. Not a client yet? Get a free assessment.