Phishing Emails

Article #: 15382

Last Updated: January 16, 2025

 

Tags: Drake TaxDrake Accounting

Drake Tax logo

Caution  We were recently notified of a new phishing scam designed to target Drake Professional customers. This phishing email has the following items:

  • From address of “noreply@drake-softwares.pro” (or similar non-Drake Software email address).

  • Says that you have an outstanding invoice.

  • Contains a link labeled Download Invoice. This link may download malicious files to your device – do not click on this link.

That email is not legitimate. If you have received the email, or clicked on the link, please follow the steps below.

Phishing Overview

Phishing is a fraudulent tactic where scammers attempt to steal sensitive information, such as usernames, passwords, bank, and credit and debit card information, often through deceptive emails.

Tax return preparers and their clients are prime targets for phishing attacks. Scammers may send emails disguised as legitimate invoices to trick clients into making payments. It is crucial to be vigilant and educate clients about these scams.

You should never click on an email or any links in an email that you are not expecting. Always verify the source and legitimacy of an email before opening it or clicking on any links. Phishing schemes may appear to be sent from a Drake Software email address or non-Drake address and typically ask that the recipient reply with personal details or click on links.

Important  Drake Software will never request that you provide personal information through email. Delete the email immediately and do not click any links or reply.

Common Phishing Signs

Some common signs indicating that an email is not legitimate are as follows:

  • The blue hyperlink displays a non-Drake website when you hover over it. (Do NOT click it!)

  • The email contains grammar and spelling errors.

  • The email is from a fake email address that is only slightly altered from a legitimate email address.

  • The email demands immediate action or threatens consequences for not taking action.

Note  For additional ways to protect yourself, see Protecting You and Your Clients from Phishing Emails. Drake Software also recommends sharing the document Phishing Guidance for Taxpayers with your clients to help keep both them and your practice safe.

Reporting Phishing Emails

If you receive a suspicious email claiming to be from Drake Software:

  • Do not reply.

  • Do not open any attachments.

    • Attachments may contain malicious code that will infect your computer.

  • Do not click on any links.

    • If you clicked on links in a suspicious email and entered confidential information, please contact Drake Software to secure your account at (866) 369-9308.

Report the email claiming to be from Drake Software by using the following steps:

  • Forward the email as an attachment to Drake Software at phishing@drakesoftware.com.

    • Look for your email provider below and follow the instructions.

  • After you forward the email to us, permanently delete the email message that you received.

It is important that the original email received is forwarded to Drake Software as an attachment with the Internet headers included. The Internet header has additional information to help us locate the sender. Below are detailed instructions on what to do if you receive a suspicious email, and how to forward it to Drake Software as an attachment.

Caution  DO NOT DO A SIMPLE FORWARD OF THE EMAIL!

Email Provider Specific Instructions

Outlook

  1. Click on the email in the email list, but do not open it.

  2. Hold down the Ctrl + ALT and click on the F key.

  3. A new email message will open up with the attachment in place.

  4. Send to phishing@drakesoftware.com.

Gmail

  1. Open the email.

  2. Click on the down arrow on right side of screen by time of day.

  3. Click on Show Original.

  4. Copy the entire raw message:

    • Click in the body of the email,

    • Ctrl + A (to highlight whole message),

    • Ctrl + C (to copy).

  5. Open a new email addressed to phishing@drakesoftware.com.

  6. Click in the body of the email

  7. Press Ctrl + V (to paste)

Yahoo

  1. Open the email.

  2. Click on More.

  3. Click on View Raw Message.

  4. Copy the entire raw message:

    • Click in the body of the email,

    • Ctrl + A (to highlight whole message),

    • Ctrl + C (to copy).

  5. Open a new email addressed to phishing@drakesoftware.com.

  6. Click in the body of the email.

  7. Press Ctrl + V (to paste).

Hotmail

  1. Right click on the email in the email list.

  2. Click on View Message Source.

  3. Copy the entire raw message:

    • Click in the body of the email,

    • Ctrl + A (to highlight whole message),

    • Ctrl + C (to copy).

  4. Open a new email addressed to phishing@drakesoftware.com.

  5. Click in the body of the email.

  6. Press Ctrl + V (to paste).

Aol

  1. Right click on the email in the email list.

  2. Click on View Message Source.

  3. Copy the entire raw message:

    • Click in the body of the email,

    • Ctrl + A (to highlight whole message),

    • Ctrl + C (to copy).

  4. Open a new email addressed to phishing@drakesoftware.com.

  5. Click in the body of the email.

  6. Press Ctrl + V (to paste).