Tax scam season has arrived

Share this article:
With the U.S. tax filing deadline looming, cybercriminals are putting fraud efforts into high gear with tax-related phishing emails and websites designed to lure users into handing over their personal information, security firms are warning.

Fraudsters generally exploit any major holiday or event, but tax season -- the deadline to file is Wednesday -- could yield them better results because users typically expect to provide personal data during this time, Jamz Yaneza, threat research manager at Trend Micro told Thursday.

A recent scam involves phishing emails claiming to offer "tax relief" services, Yaneza said. But the messages contain links to rogue websites that ask users to provide their confidential data.

“This is just one example, but there are thousands of these going around this season,” he said.

Many of the other phishing websites and emails have centered around tax refunds by claiming to offer faster reimbursements or ways to get refunds directly deposited into a checking or credit card account, Andrew Klein, product manager at internet security vendor SonicWALL, told Thursday.

In a similar vein, last month, the Federal Trade Commission warned consumers about fake government websites related to President Obama's stimulus package. The sites claimed to offer free money by joining a grant program.

These scams are not only numerous, but the fraud emails and websites are constantly changing, Yaneza said. The websites usually only stay up for about an hour thanks to increased collaboration between the security community and internet service providers to get the sites taken down.

The scams are getting slicker and often ask for all kinds of personal data.

“The people behind these scams are getting more and more professional, and if you're not used to receiving an email like that it's easy to get taken in,” Chas Roy-Chowdhury, head of taxation for the Association of Chartered Certified Accountants, told Thursday. “It might be one in 10,000, but there will always be someone that does fall for it.”

The Internal Revenue Service does not initiate any taxpayer communications through email, the agency said on its website, which also lists tips in dealing with this type of fraud, including actual examples of phishing emails.

To avoid becoming a victim, users should be cautious about with whom they deal online during tax season, Chowdhury said. When in doubt, users should contact the IRS to verify the legitimacy of tax-related email or websites.

Share this article:

Sign up to our newsletters

More in News

Medical transcription provider settles data security charges

GMR Transcription Services in California agreed to settle FTC charges related to its security practices.

Researcher hacks network connected devices in own home

Researcher hacks network connected devices in own home

In his own home, a researcher was able to hack various network connected devices that are not computers and mobile phones.

Study: Most higher ed malware infections attributed to 'Flashback'

Study: Most higher ed malware infections attributed to ...

Flashback caused a stir in 2012 when some 650,000 Macs were infected with the malware.