It’s that time of year again, and while millions of Americans struggle to set up an online account with the IRS, fraudsters are busy preying on unsuspecting taxpayers with a number of schemes.
According to sources, Proofpoint, a cybersecurity firm, shared additional details on the primary types of tax season phishing schemes that consumers and organizations should be aware of this year.
While there are a few major IRS-related phishing archetypes, there are hundreds of versions that leverage attack vectors such as email, text messages, and even phone calls.
One of the most common tax scams involves cybercriminals seeking to obtain a user’s personally identifiable financial information (SSN, W2, unemployment compensation details, and so on) in order to redirect a tax refund to an attacker-controlled account.
Simultaneously, fraudsters and scammers attempt to obtain financial information in order to conduct corporate espionage or even to monetize it directly by selling it on online hacking forums.
Cybercriminals also attempt to obtain a user’s account credentials to gain access to their online accounts in order to steal funds or commit identity theft.
Threat actors are likely to use the IRS brand to impersonate a tax authority in all of these scenarios, either indicating that a valid piece of information, such as a revision to a form or a process, is required, or attempting to collect payment.
Furthermore, Proofpoint has identified a number of non-IRS tax frauds in which cybercriminals market their “tax preparation services.”
Cybercriminals use the same strategies year-round when it comes to malicious content used in tax season phishing, but the number of potential victims is significantly higher this time of year because all US adults are required to pay their taxes each year.
In one tax fraud discovered by Proofpoint, threat actors posing as the IRS promise an additional refund. When a potential victim clicks on the “Click Here” link in the malicious email, malware is installed on their computer instead.
Cybercriminals also use malicious Word documents that require the user to enable macros. In one example, if a user falls for the con and enables macros in the document, it installs and runs the Ave Maria backdoor.
Other tax scams involve cybercriminals mailing out tax documents such as W-9 forms that, if a victim enables macros or enters the password into an encrypted document, install malware on their computers.
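For mail administrators, the two lures described above (macro-bearing documents and password-protected documents) can be flagged before a user ever opens them. The following is an added example, not code from Proofpoint or the original article; the function names are hypothetical, the sample files are constructed, and the legacy-format check is a byte-search heuristic rather than a full OLE parser.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # OLE2 compound file signature
# Stream names inside an OLE container are stored as UTF-16LE.
ENCRYPTED_STREAM = "EncryptedPackage".encode("utf-16-le")  # password-protected OOXML
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")            # legacy .doc/.xls macros


def triage_attachment(data: bytes) -> str:
    """Classify an Office attachment as 'macro', 'encrypted',
    'no-macro-found' or 'not-office' (hypothetical labels)."""
    if data.startswith(OLE_MAGIC):
        # Encrypted OOXML is wrapped in OLE, so a scanner cannot see inside it.
        if ENCRYPTED_STREAM in data:
            return "encrypted"
        return "macro" if VBA_STREAM in data else "no-macro-found"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            names = [n.lower() for n in z.namelist()]
    except zipfile.BadZipFile:
        return "not-office"
    if "[content_types].xml" not in names:
        return "not-office"  # a ZIP, but not an OOXML package
    # OOXML macros live in vbaProject.bin (word/, xl/ or ppt/).
    if any(n.endswith("vbaproject.bin") for n in names):
        return "macro"
    return "no-macro-found"


def should_quarantine(data: bytes) -> bool:
    """Assumed policy: hold macro-bearing and unscannable encrypted files."""
    return triage_attachment(data) in ("macro", "encrypted")


def make_sample_ooxml(with_macro: bool) -> bytes:
    """Constructed minimal OOXML-shaped ZIP, for demonstration only."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            z.writestr("word/vbaProject.bin", b"\x00")
    return buf.getvalue()


# Constructed stand-in for a password-protected document (not a valid file).
SAMPLE_ENCRYPTED = OLE_MAGIC + b"\x00" * 504 + ENCRYPTED_STREAM
```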
When it comes to avoiding tax scams each year, the first thing both consumers and businesses should remember is that the IRS will never contact you by email or phone; instead, the government agency prefers to communicate via letter.
IRS officials may attempt to contact you by phone, but only after sending you a letter first.