It’s that time of the year again and while millions of Americans are scratching their heads trying to set up an online account with the IRS (opens in new tab), cybercriminals are busy preying on vulnerable taxpayers with a wide variety of scams.
In an email sent to TechRadar Pro, the cybersecurity firm Proofpoint (opens in new tab) provided further insights on the main types of tax season phishing scams (opens in new tab) both consumers and businesses need to look out for this year. While there are a few main IRS-related phishing archetypes, there are actually hundreds of different variations that use attack vectors like email, text messages and even actual phone calls (opens in new tab).
One of the main tax scams involves cybercriminals attempting to gain access to a user’s personally identifying financial information (SSN, W2, unemployment compensation details, etc.) for the purpose of rerouting a tax refund (opens in new tab) to an attacker-controlled account. At the same time, cybercriminals and scammers also try to gain access to financial information to carry out espionage on a company or even to monetize it directly by selling it on online hacking forums (opens in new tab).
Cybercriminals also try to gain access to a user’s account credentials with the aim of taking over their online accounts to steal funds or even to commit identity theft (opens in new tab).
In all of these cases, threat actors are likely to leverage the IRS brand (opens in new tab) as they…
