David Anderson is principal of David Anderson & Associates, a Philadelphia forensic accounting firm that provides a full range of fraud investigation, forensic accounting and marital dissolution services in Philadelphia and the Delaware Valley.

In my blog from this time last year, I discussed how I began receiving e-mails from people who supposedly needed my services to prepare their 2024 tax returns. In each case, the person e-mailing me wanted me to click on a suspicious attachment or link. And, in each case, the e-mail turned out to be a phishing attack.

Well, this tax season they did it again!

The e-mails started coming again in January, but not as many as there had been last year. The stories were still the same. In each case, they said they had either enclosed an attachment or a link (apparently to a Google drive, a Dropbox account, a SecureFilePro account or other similar account) containing their previous year’s tax returns and other relevant information, and asked me to review these items and provide them with a quotation for my services.

Additionally, I experienced three new types of phishing attacks:

• I received an e-mail from someone who claimed to have been the hacker who breached the alumni database at the University of Pennsylvania. He claimed that using the information he gleaned from the attack, he planted malware on my computer system and downloaded my confidential files. He stated that in return for a modest ransom payment via Bitcoin, he would delete this information. However, he stated, if I did not immediately send the payment, he would send out the confidential information to all of my e-mail contacts.

Because I use a high-quality anti-virus software package and update it regularly, I immediately ran a detail level scan of my entire computer system. The anti-virus package indicated that no such malware was detected. However, to play it even safer, I contacted the anti-virus software company and spoke to their technical support staff. They reviewed the results of my scan and told me that the scan results were accurate and reliable, and that I shouldn’t worry about the software having missed the alleged malware.

The next day, I received an identical e-mail from another person who claimed to have been the hacker who breached the rewards database of one of my favorite lunch places. The only difference between the two e-mails was the name of the hacked database, the e-mail address, and the Bitcoin wallet information. It was at this point that I realized this was another type of more sophisticated phishing attack. However, I also noted that the rewards database information was for a different e-mail address from my business even though the above e-mail was sent to my business.

Two days later, I received another identical e-mail from a third person who claimed to have been the hacker who breached a national medical records database, and who demanded the exact same as the two previous e-mails.

• Also beginning in January, I received phone calls which were identified as coming from non-profits, local governments or local businesses but all of which featured a young lady’s voice (different names but the same voice) telling me that my loan request had been approved, and that if I called the featured phone number with just a few missing pieces of information (my date of birth, social security number and bank account routing and account number) they could immediately wire me the funds. I sometimes received three to four such phone calls every day. Of course, I had never applied for a business loan, so I knew that these were phishing calls. However, I know of a number of small businesses who could be potentially looking for loans and could fall prey to these calls.

The calls continue to come in from other phone numbers despite me blocking each of the previous ones. Sometimes the voice is male and sometimes female. The company names given vary regularly, and then some of the calls added urgency by telling me that because only a limited amount of funds are available, if I don’t act immediately, they may not be able to provide me with the funds.

• Finally, I have begun to receive a new version of e-mail phishing attack. The person sending me the e-mail apologizes for having had difficulty in sending me the requested files but has now uploaded them to Adobe Secure Upload with a link provided. In each case, the e-mail is coming from a different person with a different phone number, but it is in the same language. I also noted that the e-mail address of each person has a .br extension (meaning it is from Brazil, a country for which I have no clients or business relationships).

Given this continued onslaught of phishing attacks – which now appear to be aided by AI and deepfakes, businesses need to ask themselves the following questions:

• What is your business doing to protect itself from phishing and other attacks on your data?
• Do you have policies and procedures in place to have employees be on alert for suspicious emails or phone calls and to definitely NOT click on attachments or links that have not been verified?
• Are they also on alert for e-mails or phone calls which appear to come from a company senior executive requesting wiring of funds or providing confidential information?

If not, you should consider having a forensic accounting expert come into your business to help you protect your data from the “Phisher-Men.”

To contact such an expert in Philadelphia and the Delaware Valley, please contact the Philadelphia forensic accounting firm of David Anderson & Associates by calling David Anderson at 267-207-3597 or emailing him at david@davidandersonassociates.com.

About David Anderson & Associates

David Anderson & Associates is a Philadelphia forensic accounting firm that provides a full range of forensic accounting services in Philadelphia and the Delaware Valley. The experienced professionals at David Anderson & Associates provide forensic accounting, business valuation, fraud investigation, fraud deterrence, litigation support, economic damage analysis, business consulting, and outsourced CFO services.

Company principal David Anderson is a forensic accounting expert in Philadelphia with more than 30 years of experience in financial and operational leadership positions. He is a Certified Public Accountant, a Certified Fraud Examiner, and a Certified Valuation Analyst.