The Tech Herald

Tax season kicks off with a wave of related scams

by Steve Ragan - Feb 1 2010, 18:30

Tax time is upon us, and this time of year can be a double-edged sword when it comes to preparing your taxes while considering new rebates, refunds, and changes to the tax code itself. Criminals know this and have started targeting people with a surge of tax-related Spam and Phishing scams.

In their latest Spam Report, security vendor AppRiver noted that in January, they saw Phishing- and Malware-related attacks taking aim at taxes spring up almost overnight. One noted attempt was a malicious email that attempted to deliver fake W-2s.

The email explained that an updated version of the W-2 form needed to be completed by all US-based employers. The attachment was a keylogging Trojan, delivered by way of a malicious PDF file. In January, AppRiver said that they saw similar Phishing emails targeting the IRS.

A similar story involves the HM Revenue & Customs (HMRC) in the UK. According to another security vendor, Trusteer, a Phishing scam involving an HMRC tax refund is making the rounds, and is proving to be a tempting offer to many taxpayers.

“Our research of millions of Internet users shows that the HMRC attacks are twice as successful as banking Phishes for the simple reason that taxpayers are tempted by the prospect of a cash rebate direct to their bank account. The ‘carrot’ of free cash also persuades many Internet users to lower their normal credulity guard…,” said Mickey Boodaei, Trusteer's CEO.

Trusteer explained that the victim lands at a Web page that is similar to the HMRC Web site, which is the start of the Phishing scam. From there, they are requested to click on their bank's logo, as most attacks will show logos for 5 to 10 UK banks. When the victim clicks on one of the logos, they arrive at a fraudulent Web site that looks like the bank where they are requested to log on.

Boodaei says that the rate of HMRC phishing attacks has been constant throughout the year. About one in every three financial Phishing attacks in the UK is targeting HMRC. "It's at this point their login information is being stolen," he said.

Trusteer has found that HMRC is the perfect phishing target for various reasons. First, it allows criminals to set up one page and send one email message targeting several banks at once, which, if you are honest, is a seriously efficient method of doing things. Second, while many Internet users know not to follow links to their bank's Web site, a message from HMRC seems less suspicious. In addition, Trusteer added, less educational effort has been put in place warning of the risks surrounding HMRC emails.

Many of the phishing pages are hosted on legitimate compromised sites, and Trusteer said that they have seen government pages across the world hosting HMRC Phishing attacks.

According to Boodaei, when Internet users receive what appears to be a free cash giveaway, or a deal that looks very tempting, the first thing they should do is move away from the computer and have a drink (coffee or tea, perhaps). They should then sit down with their beverage, fire up a search engine and look for reports of a possible scam on the Net.

For example, he says, entering the words 'HMRC tax refund email' into Google returns a series of links, the first one of which says: 'HM Revenue & Customs (HMRC) would not inform customers of a tax rebate via email, or invite them to complete an online form to receive a rebate of tax...' This search engine approach works well with most emails that appear to be too good to be true, as the chances are that other Internet users have received a similar message and carried out their own research.

Just remember that the IRS or any other tax agency would never email you random forms, unless you asked for them personally, and even then it’s a stretch. In addition, be skeptical of random rebate offers.
