Phishing and Adware Marks US Tax Season
Bitdefender has detected two types of scams that impersonate the Internal Revenue Service to phish for US citizens identification data as the country nears the end of tax season.
The refund phishing scams promise users thousands of dollars in tax rebates and silently steal sensitive authentication data through phishing forms. The collected info is likely later sold on underground markets and used to steer rebate money into unauthorized accounts.
The bogus messages contain either links that open fraudulent websites or fake registration forms sent as attachments to collect sensitive data about taxpayers that will eventually help fraudsters impersonate the innocent or even collect tax refunds in their names. The IRS unintentionally refunded $4 billion to identity thieves in 2011, according to a report by the Treasury Inspector General for Tax Administration.
Once someone gives away information such as full name, date of birth, address, phone number, card number and expiry date and security code, there is no stopping the crook from steering victims’ tax returns toward their accounts or impersonating them in future fraud.
Security researcher Brian Krebs writes that the data needed for such fraud can be found in underground “shops” where crooks purchase lists of people’s identification data. Such a forum can sell data from tens of thousands or even millions of Americans.
US citizens who think they might have fallen victim to an identity theft or work with a company that reported a security breach should contact the Identity Protection Specialized Unit of the IRS toll-free at 1-800-908-4490 and let them know of the suspicion.
Another protection step would be applying for a taxpayer-specific PIN that will be required anytime a tax related claim is filed. To apply for such a PIN, check the IRS’s dedicated webpage here.
Further information on how to protect your identity and avoid tax fraud is provided by the Federal Trade Commission homepage.
This article is based on spam samples provided courtesy of Ionut-Daniel RAILEANU, Bitdefender Anti-Spam Researcher.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 23, 2021
July 22, 2021
July 20, 2021