4 min read

Fraudsters Build Up Phishing Repertoire for 2021 Tax Season. Are You Ready?

Alina BÎZGĂ

February 03, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Fraudsters Build Up Phishing Repertoire for 2021 Tax Season. Are You Ready?

As millions of US taxpayers prepare for 2021 tax season, hordes of fraudsters and scammers are preparing to rip off residents and non-residents alike.

Fraudsters had an early start anticipating the buzz surrounding tax filing season, with phishing campaigns impersonating the government agency as early as November 25, 2020, according to Bitdefender Antispam Lab.

Spikes in IRS-related phishing scams were noticed January 19 and 21 when most the incoming agency-related correspondence was marked as spam.

This warm-up was no coincidence, since the 2020 fiscal year raked in $2.3 billion in tax fraud, according to the agency”s annual report.

Identity thieves used stolen Social Security numbers and other personally identifiable information (PII) to file early tax returns in the name of legitimate taxpayers, or used petty scare tactics to frighten recipients into making immediate payments to avoid arrest or deportation.

Know the digital you to protect the real you with Bitdefender”s Digital Identity Protection tool.

Identity thieves use fake W-8BEN Forms to targets non-residents once again

Fraudsters are targeting non-residents in the US using a fake version of the W-8BEN Form (Certificate of Foreign Status of Beneficial Owner for United States Tax Withholding and Reporting) to steal sensitive data.

This version of the scam has been spotted over 80,000 times since November 25, 2020, with with more noticeable spikes expected to hit inboxes up until the April 15 deadline.

Unlike traditional phishing, which requires recipients to access a spoofed website or download a malicious attachment, scammers have set up a fake fax number where recipients must forward their information. You don”t access a malicious attachment or link. The fake version will tell you to provide particular information not included in the legitimate W-8BEN US tax exemption document, such as your passport number, profession, mother”s maiden name, bank account name and number and investments.

Fake version of the W-8BEN form

The genuine format of the tax exemption document looks like this:

Original W-8BEN form version

shows that it also targets US citizens, who are also asked to return it alongside a copy of their passport within 7 working days.

“If you are a USA Citizen and resident, this W-8BEN Form is not mean for you, please indicate USA Citizen/Resident on the form and return it to us,” the email reads. “We shall then send you a form W9095.” The W9095 form referred to in the body of the email does not exist. It”s merely used to deceive unsuspecting taxpayers.

IRS phishing email sample

Other IRS impersonation scams

Fraudsters have also recycled older versions of IRS impersonation scams by leveraging the Economic Impact Payments as part ofThe Coronavirus Aid, Relief, and Economic Security (CARES) Act.

In one version, targets are sent an email notifying them they are eligible for a second Economic Impact Payment and asked to submit their deposit details. The email also includes an attachment, claiming to outline the necessary steps and information for taxpayers. Once accessed, it will infect the recipient”s device with credential-stealing malware.

IRS coronavirus tax relief scam

A separate phishing email impersonating acting IRS Commissioner Charles P. Rettig attempts to dupe recipients into paying a one-time fee to receive over $10 million in funding.

IRS Commissioner Impersonation scam

How to spot and protect against IRS impersonation scams

Despite multiple IRS awareness campaigns run by the IRS, fraudsters and identity thieves continue to scam taxpayers across the country. You can easily check the validity of IRS-related correspondence by keeping in mind that:

  • The IRS will not ask you for down payments or fees to receive your refunds early
  • The agency will not contact you via electronic mail, text messages or social media to request your personal or financial information
  • IRS agents will not seek out citizens and bully them into paying for expedited tax returns

On top of a dedicated security solution that can protect you against phishing and malware attacks, good cyber hygiene is key to avoid becoming another identity theft statistic this year:

  • Don”t respond to unsolicited correspondence posing as legitimate IRS notifications
  • Never provide banking information, PIN codes or passwords
  • Check the email for spelling and grammar mistakes
  • Do not open attachments or click on embedded links
  • When in doubt, visit the IRS official website for additional information
  • Report any suspicious activity via the dedicated IRS Scam reporting tool

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Data breaches affected over 422 million people in 2022, Identity Theft Resource Center says Data breaches affected over 422 million people in 2022, Identity Theft Resource Center says
Alina BÎZGĂ

January 30, 2023

2 min read
Dutch hacker arrested for allegedly selling data of 9.1 million Austrian citizens Dutch hacker arrested for allegedly selling data of 9.1 million Austrian citizens
Alina BÎZGĂ

January 27, 2023

2 min read
Equity research provider in the US discloses data breach affecting over 800,000 customers Equity research provider in the US discloses data breach affecting over 800,000 customers
Alina BÎZGĂ

January 26, 2023

1 min read