2 min read

Phishing and Adware Marks US Tax Season

Loredana BOTEZATU

March 31, 2014

Phishing and Adware Marks US Tax Season

Bitdefender has detected two types of scams that impersonate the Internal Revenue Service to phish for US citizens identification data as the country nears the end of tax season.

The refund phishing scams promise users thousands of dollars in tax rebates and silently steal sensitive authentication data through phishing forms. The collected info is likely later sold on underground markets and used to steer rebate money into unauthorized accounts.

The bogus messages contain either links that open fraudulent websites or fake registration forms sent as attachments to collect sensitive data about taxpayers that will eventually help fraudsters impersonate the innocent or even collect tax refunds in their names. The IRS unintentionally refunded $4 billion to identity thieves in 2011, according to a report by the Treasury Inspector General for Tax Administration.

Once someone gives away information such as full name, date of birth, address, phone number, card number and expiry date and security code, there is no stopping the crook from steering victims’ tax returns toward their accounts or impersonating them in future fraud.

Security researcher Brian Krebs writes that the data needed for such fraud can be found in underground “shops” where crooks purchase lists of people’s identification data. Such a forum can sell data from tens of thousands or even millions of Americans.

US citizens who think they might have fallen victim to an identity theft or work with a company that reported a security breach should contact the Identity Protection Specialized Unit of the IRS toll-free at 1-800-908-4490 and let them know of the suspicion.

Another protection step would be applying for a taxpayer-specific PIN that will be required anytime a tax related claim is filed. To apply for such a PIN, check the IRS’s dedicated webpage here.

Further information on how to protect your identity and avoid tax fraud is provided by the Federal Trade Commission homepage.

This article is based on spam samples provided courtesy of Ionut-Daniel RAILEANU, Bitdefender Anti-Spam Researcher.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands
Graham CLULEY

July 23, 2021

3 min read
Homoglyph domains used in BEC scams shut down by Microsoft Homoglyph domains used in BEC scams shut down by Microsoft
Graham CLULEY

July 22, 2021

3 min read
China Sets Up New Worrying Vulnerability Disclosure Rules China Sets Up New Worrying Vulnerability Disclosure Rules
Silviu STAHIE

July 20, 2021

1 min read