With convenient holiday shopping, preparation for the upcoming tax season, critical year-end deadlines, and now, more remote work being done, it is likely that your online activity is heightened around this time of year. Unfortunately, cyber hackers know this all too well.

As you continue to work as efficiently as possible, the last thing you want to deal with is a data breach. Cyber criminals are continually getting savvier, which is why it’s a good idea to note some tips for identifying potential scams.

Below are five things to be aware of when an email reaches your inbox:

1. A link.

Scammers will often pose as the IRS, financial institutions, credit card companies, tax companies or software providers. Sometimes, hackers will even pose as an individual within your organization. They will claim that they need you to update your account or they will request that you change a password. These emails contain a link to a spoofing site that may look familiar and similar to the actual website.

The rule here is simple: Don’t click the link. If in doubt, go directly to the legitimate website to access your account. Also, contact your IT team to make them aware of this incident.

2. An attachment.

Sometimes, scammers will actually include an attachment to the email. It may be infected with malware that can download malicious software onto your computer without you even realizing it. If it is spyware, it can track your keystrokes to obtain information about your passwords, credit card information and any other sensitive data.

Rule: Don’t open attachments from unknown sources.

3. A message from a “government agency” or “financial institution.”

Cyber hackers will attempt to frighten you into opening the email by posing as a government agency, financial institution, or tax company. They will try to imitate the official organization, especially tax-related ones during the tax filing season.

Rule: Check the official agency first.

4. A message from someone claiming to be a friend.

Scammers will hack into email accounts and try to leverage the stolen email addresses. If you receive a message from a “friend” that doesn’t seem quite right, it probably isn’t. The email may be missing a subject line or contain odd requests or content.

Rule: If it seems odd, it likely is a scam.

5. A false lookalike URL.

The email you receive may contain a URL of a web address. This is the scammers way of trying to trick you. For example, instead of www.IRS.gov, the lookalike may be www.irs.gov.maliciousname.com.

Rule: Verify the authenticity. You can do this by placing your cursor over the text to view a pop-up of the real URL.

Learning to recognize these telltale red flags will help you combat data loss. Be sure to share this knowledge with your team as well since the entire organization plays a part in keeping the business cyber – safe.

Learn more from the IRS by clicking here.

Want to see more cybersecurity topics? Below are some of our most recent cybersecurity blogs:

With PrimePay, your payroll is safe & secure.

Start working with PrimePay today to learn more about how we help you create efficiencies and ensure compliance.

Fill out the form below to learn more.

Disclaimer: Please note that this is not all-inclusive. Our guidance is designed only to give general information on the issues actually covered. It is not intended to be a comprehensive summary of all laws which may be applicable to your situation, treat exhaustively the subjects covered, provide legal advice, or render a legal opinion. Consult your own legal advisor regarding the specific application of the information to your own plan.

Editor’s Note: This post was originally published in December 2016 and has been updated for freshness, accuracy, and comprehensiveness.