Proofpoint sheds light on this year's IRS tax scams

It's that time of year again, and with millions of Americans scratching their heads trying to create an online account with the IRS, cybercriminals are busy taking advantage of vulnerable taxpayers with a wide variety of scams.

In an email to TechRadar Pro, cybersecurity firm Proofpoint provided additional information on the top types of tax season phishing scams consumers and businesses should be aware of this year. While there are a few main IRS-related phishing archetypes, there are actually hundreds of different variations that use attack vectors like emails, text messages, and even actual phone calls.

One of the leading tax scams involves cybercriminals attempting to gain access to a user's personally identifiable financial information (SSN, W2, unemployment compensation details, etc.) in an attempt to redirect a tax refund to an account controlled by the attacker. At the same time, cybercriminals and scammers also try to access financial information to spy on a company or even directly monetize it by reselling it on online hacking forums. Cybercriminals also try to obtain a user's account credentials with the goal of taking over that user's online accounts to steal funds or even commit identity theft.

In all of these cases, threat actors are likely leveraging the IRS brand to pose as a tax authority, either by communicating that legitimate information is needed, such as a change to a form or process, or by attempting to collect payment. In addition, Proofpoint has observed a variety of non-IRS tax scams in which cybercriminals advertise their "tax preparation services."

How to spot tax season phishing and tax scams?

When it comes to malicious content used in tax season phishing, cybercriminals are deploying the same tactics they use all year, but this time the number of potential victims is even higher because all American adults are required to file their taxes every year.

A tax scam observed by Proofpoint involves threat actors posing as the IRS with a message about an additional refund. However, when a potential victim clicks the "Click Here" link in the malicious email, malware is installed on their system instead.

Cybercriminals also use malicious Word documents that push the user to enable macros. One such example installs and runs the Ave Maria backdoor if a user falls for the scam and enables macros in the document. Other tax scams involve cybercriminals sending tax documents such as W-9 forms, which also install malware on the user's device if the user enables macros or enters the password on an encrypted document.

When it comes to avoiding tax scams every year, the first thing consumers and businesses need to remember is that the IRS will never contact you by email or phone, as the government agency prefers to do things the old-fashioned way, by mail. IRS agents may try to call you, but only after first contacting you by mail.

Just like avoiding other online scams, you should stay vigilant and not open emails from unknown senders, especially those with attachments. You should also avoid checking your banking and other financial apps while connected to public Wi-Fi, and if you need to check your balance, be sure to turn on your VPN first.