Security News

Add 'ransomware' to the list of certainties in life? Notorious ransomware gang LockBit claims once again to have compromised eFile.com, which offers online services for electronically filing tax...

Add 'ransomware' to the list of certainties in life? Notorious ransomware gang LockBit claims to have compromised eFile.com, which offers online services for electronically filing tax returns with...

eFile.com, an IRS-authorized e-file software service provider used by many for filing their tax returns, has been caught serving JavaScript malware. Security researchers state the malicious JavaScript file existed on eFile.com website for weeks.

A new Emotet phishing campaign is targeting U.S. taxpayers by impersonating W-9 tax forms allegedly sent by the Internal Revenue Service and companies you work with. Emotet is a notorious malware infection distributed through phishing emails that in the past contained Microsoft Word and Excel documents with malicious macros that install the malware.

The Internal Revenue Service warned Americans of an exponential rise in IRS-themed text message phishing attacks trying to steal their financial and personal information in the last few weeks. Such scam texts redirect U.S. taxpayers to phishing landing pages designed to collect sensitive information using various baits.

The IRS has been granted a court order to collect records from a bank the agency said will help it identify US taxpayers who failed to report taxable income from crypto trades. Uncle Sam yesterday said it's specifically going after records from New York-based bank M.Y. Safra, which partnered with SFOX - a cryptocurrency prime broker - to offer the latter's customers access to cash-deposit bank accounts.

On Friday, the IRS disclosed that in addition to sharing Form 990-T data for charities, they also accidentally included data for taxpayers' IRAs that was not meant to be public. "The IRS recently discovered that some machine-readable Form 990-T data made available for bulk download section on the Tax Exempt Organization Search should not have been made public," the IRS disclosed on Friday.

Cybercriminals are leveraging advanced tactics in their phishing-kits granting them a high delivery success rate of spoofed e-mails which contain malicious attachments right before the end of the 2021 IRS income tax return deadline in the U.S. April 18th, 2022 - there was a notable campaign detected which leveraged phishing e-mails impersonating the IRS, and in particular one of the industry vendors who provide solutions to government agencies which including e-mailing, digital communications management, and the content delivery system which informs citizens about various updates. The IT services vendor actors impersonated is widely used by major federal agencies, including the DHS, and other such WEB-sites of States and Cities in the U.S. The identified phishing e-mail warned the victims about overdue payments to the IRS, which should then be paid via PayPal, the e-mail contained an HTML attachment imitating an electronic invoice.

IRS warns consumers and businesses of common scams during tax season. Tax season is prime time for phone scams, the IRS cautions.

The Emotet malware botnet is taking advantage of the 2022 U.S. tax season by sending out malicious emails pretending to be the Internal Revenue Service sending tax forms or federal returns. Emotet is a malware infection distributed through phishing emails with attached Word or Excel documents containing malicious macros.