3 min read

Tax-related phishing scams and malware attacks have quadrupled, says IRS

Graham CLULEY

February 24, 2016

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Tax-related phishing scams and malware attacks have quadrupled, says IRS

tax-return-600

The IRS says that the number of reports it has received of phishing and malware schemes targeting US consumers have rocketed this tax season – claiming that it has seen an “approximate 400 percent surge”.

Across the country official-looking communications are being received, claiming to come from the IRS and companies that develop accounts software and provide services for assisting in the preparation of tax returns. And the tax-related criminal campaigns are not just being distributed via email, but are also being sent via SMS text messages.

Often the fraudulent communications attempt to crowbar personal information out of innocent tax payers, or verify passwords and PIN information.

The reason for the attacks? Yes, online criminals want to exploit innocent victims’ personal tax details, and use them to file false tax returns. But on many occasions the attackers will often simply use tax as a lure to trick users into endangering their computer’s safety in the first place, before planting ransomware or other malicious attacks onto a victim’s PC.

In all, the IRS says it has had 1,026 malware and phishing incidents reported to it already this year, compared to 254 in the same time period last year. And with the official tax deadline still two months away, it’s clear that the problem is only going to get worse.

It’s clear that things have got pretty bad when you see what Intuit, the developer of well-known accounting software for individuals and small businesses such as TurboTax, Mint, QuickBooks and Quicken, is doing about it.

To its credit, Intuit maintains an online security center which is regularly updated with details of new email scams that have targeted its customers.

Here is just one of the examples of scams seen this week, posing as message from TurboTax, and urging unsuspecting customers into clicking on a dangerous link in order to “reactivate” their account.

turbotax

Aside from phishing attacks, some fraudsters are also attacking computer users with malicious emails that link to websites harbouring keylogging spyware.

IRS Commissioner John Koskinen has warned users to be wary of unexpected tax-related emails in their inbox:

“This dramatic jump in these scams comes at the busiest time of tax season. Watch out for fraudsters slipping these official-looking emails into inboxes, trying to confuse people at the very time they work on their taxes. We urge people not to click on these emails.”

The IRS has, of course, been of interest to online organised criminals for years and the idea of duping users into handing over their personal information by pretending to be the taxman is nothing new. But things got more serious last year, when as many as 334,000 taxpayer accounts were breached.

I suspect what makes tax-related scams and malware attacks so successful, however, is that – unlike online businesses – we cannot chose *not* to deal with the IRS and other tax agencies around the world. So, for many people, a communication from the taxman or from a software vendor that provides tax services doesn’t seem so strange – and they let their guard down.

Stay clued up about the latest threats, and always exercise a healthy skepticism about the messages that arrive in your inbox, and the text messages you receive on your phone.

tags


Author



Right now

Top posts

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

December 21, 2021

2 min read
Online Shoppers Beware, Mobile Scams Are on the Rise

Online Shoppers Beware, Mobile Scams Are on the Rise

December 17, 2021

2 min read
The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Unknown Person Zoom-Bombs Meeting in Italian Parliament and Blasts Anime Adult Content Unknown Person Zoom-Bombs Meeting in Italian Parliament and Blasts Anime Adult Content
Silviu STAHIE

January 21, 2022

1 min read
FBI Links Diavol Ransomware to Trickbot, Offers IOCs and Mitigations FBI Links Diavol Ransomware to Trickbot, Offers IOCs and Mitigations
Filip TRUȚĂ

January 21, 2022

2 min read
Data of 500,000 already vulnerable people stolen from Red Cross Data of 500,000 already vulnerable people stolen from Red Cross
Radu CRAHMALIUC

January 20, 2022

1 min read