Friday, April 12, 2019

Filing Your Taxes: Watch Out for Phishing Scams

Online Phishing

For a long time, the Internal Revenue Service (IRS) has warned taxpayers to be cautious of online phishing, in which crooks impersonate the organization using fake emails, websites or text messages to get hold of sensitive information. Last month, online phishing topped the agency's 'dirty dozen' list of the most predominant scams.

However, scammers do much more than impersonate the Internal Revenue Service. Some have designed fake versions of online accounting tools such as QuickBooks, while others pretend to be tech support agents.

Cyber-security firm Lookout has discovered over 100 websites that had been registered and designed to trick people attempting to file their taxes. The objective of the domains is to hook enormous groups of potential victims. According to the IRS, over 135 million Americans filed their taxes electronically last year.

Domains Created to Gain Login Credentials 


Lookout also observed that the tax scammers had started early: dozens of the websites had been set up in December, around the time people started receiving their W-2 forms. It is said that some were also tricked in the United Kingdom.

Several of the domains seemed to be created to get hold of login details or sensitive information, such as passport numbers, through online phishing, while other types persuaded users to download malicious software.

A basic scam discovered by Lookout involved sites that copy accounting tools from the company Intuit, which makes popular software such as QuickBooks and TurboTax. These sites use domain names similar to the real ones, namely 'quickbook ltd.com' or 'accounts-quickbooks.com'. Most of the time these domains are created with the intention of online phishing and stealing users' login details for the genuine sites.

 

Approach of Attack – SEO Optimization


Another type of site fit a classic online scam during tax season: posing as tech support. Most users do not use tax software often, and hence many of them look for assistance while navigating through it. Unfortunately, online phishing sites such as 'quickbooksupport.com' and 'quickbooks-helpline.com' are waiting for them.

According to Jeremy Richards, a security intelligence researcher at Lookout, the approach of attack is an SEO optimization thing, which means that the scams catch users who are searching sites such as Google or Bing for assistance.

Scammers posing as 'support' technicians at the 1-800 numbers listed on these sites usually ask for remote access to the user's system with the intention of stealing important information. Another trick is to use the number to sell fake and unwanted software. Identical sites have also been created to imitate Apple's technical support, and the podcast Reply All examined similar tech support fraud in 2017.

Malevolent Marketing Network


Richards also found more than 50 tax-connected domains belonging to the same malevolent marketing network. The modus operandi of the scam is not certain. However, when users visit the sites, they are directed to download malware concealed in the guise of software updates. This is a clever way of online phishing and getting hold of login details or sensitive information.

According to Richards, the online phishing sites redirect users to Google if they don't arrive at the correct phishing trap, or else present a 404 error. Lookout used an AI tool designed in 2017 to learn about the tax scams. This tool monitored internet infrastructure organizations, such as companies offering free web hosting, for suspicious types of domains. With the help of this tool, Lookout located thousands of new online phishing sites daily and regularly cautioned companies whose websites were being hacked by the scammers.
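A simplified sketch of the kind of domain screening described above, as an added example (it is not Lookout's tool and not code from the original article): it flags hostnames that contain a brand name, or a close misspelling of it, but do not sit under the brand's own domains. The allowlist, the similarity threshold, the function names and the `.example` hosts are assumptions made for illustration.

```python
import re
from difflib import SequenceMatcher

# Assumptions for illustration: the brand's own domains and the similarity cut-off.
BRAND_DOMAINS = {"quickbooks": {"quickbooks.com", "intuit.com"}}
THRESHOLD = 0.85

def registrable(host):
    """Naive registrable domain (last two labels); real code needs the Public Suffix List."""
    return ".".join(host.lower().strip(".").split(".")[-2:])

def resembles(text, brand):
    """True if some window of `text` equals the brand or is a close misspelling of it."""
    if brand in text:
        return True
    for size in (len(brand) - 1, len(brand), len(brand) + 1):
        for i in range(max(1, len(text) - size + 1)):
            if SequenceMatcher(None, text[i:i + size], brand).ratio() >= THRESHOLD:
                return True
    return False

def flag_lookalikes(hosts):
    """Return (host, brand) pairs that use a brand name outside the brand's own domains."""
    hits = []
    for host in hosts:
        host = host.lower().strip(".")
        # Compare letters and digits only, ignoring dots, hyphens and the TLD.
        text = re.sub(r"[^a-z0-9]", "", host.rsplit(".", 1)[0])
        for brand, owned in BRAND_DOMAINS.items():
            if registrable(host) not in owned and resembles(text, brand):
                hits.append((host, brand))
    return hits

# Three domains named in the article plus constructed test hosts (.example).
FEED = [
    "accounts-quickbooks.com",
    "quickbooksupport.com",
    "quickbooks-helpline.com",
    "quickbo0ks-login.example",        # constructed: digit swapped for a letter
    "quickbooks.com.billing.example",  # constructed: brand used as a subdomain
    "quickbooks.intuit.com",           # assumed legitimate, on the allowlist
    "bookstore.example",               # constructed: unrelated site
]

if __name__ == "__main__":
    for host, brand in flag_lookalikes(FEED):
        print(f"{host}: resembles {brand}")
```

Like the tool in the article, a check of this kind only sees the domain name; it says nothing about how victims are lured to the site.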

Utilise Password Manager 


The tool could not give a clear picture of how the scams worked, since it only watched for the websites. For instance, if a scammer sent an email prompting the user to click on a fake IRS link, Lookout could detect the website but not the email. Richards commented, 'it's like we see blood on the floor but do not know where the knife is'.

Some of the other scams reported used social media to target users, offering fabricated tax breaks to gain sensitive information. According to the IRS, the agency tends to get in touch with users through mail and not through email. If one has not received a letter, then it is uncertain whether any electronic communication coming from the agency is genuine. Sincere tech support agents do not need to see the user's screen or obtain login information to assist users.

It is always a good suggestion to use a password manager rather than reusing the same password for various accounts. There is plenty still to learn about the various operations of the scammers. In the meanwhile, users need to be cautious and alert to these scammers and stay free from online phishing.
