It's that time of year again and with millions of Americans scratching their heads trying to create an online account with the IRS, cybercriminals are busy preying on vulnerable taxpayers with a wide variety of scams.

In an email to TechRadar Pro, cybersecurity firm Proofpoint provided additional information on the top types of tax season phishing scams that consumers and businesses should be aware of this year. While there are a few main IRS-related phishing archetypes, there are actually hundreds of different variations that use attack vectors like emails, text messages, and even actual phone calls.

One of the top tax scams involves cybercriminals trying to gain access to a user's personally identifiable financial information (SSN, W2, unemployment compensation details, etc.) in an attempt to redirect a tax refund to an account controlled by the attacker. At the same time, cybercriminals and fraudsters also try to access financial information to spy on a company or even directly monetize it by reselling it on online hacking forums.

Cybercriminals also try to access a user's account credentials with the aim of taking over their online accounts to steal funds or even commit identity theft.

In all of these cases, threat actors are likely leveraging the IRS brand by pretending to be a taxing authority, either communicating that legitimate information is needed, such as a change to a form or process, or attempting to collect payment. In addition, Proofpoint has observed a variety of non-IRS tax scams in which cybercriminals advertise their "tax preparation services."

How to spot tax season phishing and tax scams?

When it comes to malicious content used in tax season phishing, cybercriminals are employing the same tactics they use all year long, but this time the number of potential victims is even higher because all American adults must file their taxes every year.

A tax scam observed by Proofpoint involves threat actors posing as the IRS with the demand for an additional refund. However, when a potential victim clicks the "Click Here" link in the malicious email, malware is installed on their system instead.

Cybercriminals also use malicious Word documents that force the user to enable macros. One such example installs and runs the Ave Maria backdoor if a user falls for the scam and enables macros in the document. Other tax scams involve cybercriminals sending tax documents like W-9 forms, which also install malware on the user's device if the user enables macros or enters the password on an encrypted document.

When it comes to avoiding tax scams every year, the first thing consumers and businesses need to remember is that the IRS will never contact you by email or phone, as the government agency prefers to do things the old-fashioned way by mail. IRS agents may try to call you, but only after first contacting you by mail.

Just as with other online scams, you should stay vigilant and not open emails from unknown senders, especially those with attachments. You should also avoid checking your banking and other financial apps while connected to public Wi-Fi, and if you need to check your balance, be sure to turn on your VPN first.
