Security News > 2022 > March > Beware of old and new tax-themed scams and schemes

Beware of old and new tax-themed scams and schemes
2022-03-28 09:29

"Many of us receive text messages from scammers impersonating a variety of companies including the IRS. While this may seem legit, the IRS does not use text messages for personal tax issues nor do they send taxpayers messages on social media especially in regards to bills or refunds," Lookout researchers caution.

Phone scams impersonating the IRS and leaving pre-recorded, threatening or urgent messages are also abundant, and so are emails that appear to be from the IRS or affiliated organizations and ask taxpayers to share sensitive information.

"Threat actors often put in the least amount of work possible for a maximum return, sending out phishing emails to thousands of targets. Even if less than one percent of victims respond, the return on investment is still significant due to the gain of personally identifiable information and/or establishing a foothold within an organization using stolen credentials, malware, or other means," Fortinet researchers Shunichi Imano and Val Saengphaibul noted, and warned about recent campaings involving IRS-themed email delivering Emotet and a W-8 themed tax scam.

Trend Micro warns about the usual tax refund scams, stimulus payments scams, and phone scams during which the scammers pretend to be from the IRS Taxpayer Advocate Service and ask for the target's SSN, Individual Taxpayer Identification Number, or Identity Protection PIN. Avanan researchers have documented yet another innovative approach: hackers are spoofing popular fintech apps like Stash and Public to trick users into sharing their login credentials and personal information.

"Further, these sorts of scams may catch users off guard. They may not be expecting tax documents from these apps, inducing them to click. Since most of these services are mobile-first, users may receive this on their phone and may forget about typical cyber hygiene."

The IRS has implemented some additional protections last year to help taxpayers avoid identity theft and is contantly issuing alerts about specific approaches scammers and fraudsters are using to target individuals and organizations, as well as offering advice on minimizing exposure to fraud and identity theft.


News URL

https://www.helpnetsecurity.com/2022/03/28/tax-themed-scams/