Phishing threats return ahead of tax season in the US

As the Internal Revenue Service (IRS) has delayed the deadline for its annual Tax Day, US citizens have been given a bit more time to get ...

As the Internal Revenue Service (IRS) has delayed the deadline for its annual Tax Day, US citizens have been given a bit more time to get their taxes in order. However, this delay has also given cybercriminals additional time to prepare their tax-themed phishing lures.

At the end of March, the IRS issued a security alert in which it warned of an ongoing email-based impersonation campaign targeting education institutions as well college students and staff with “.edu” email addresses. In addition to educational institutions, the cybersecurity firm Proofpoint has also observed similar threats targeting dozens of verticals from manufacturing to healthcare to energy.

While cybercriminals take advantage of tax season each year to launch tax scams to steal money and sensitive information, this year is particularly unique due to the fact that threat actors are combining their typical tax lures with healthcare and other pandemic-related lures.

So far in 2021, Proofpoint has observed over 30 tax-themed malicious email campaigns and more than 800,000 email messages, according to a new blog post from the company. These emails include attempts to compromise users' personal email accounts and steal their personal data. Proofpoint also observed multiple campaigns aligned with business email compromise activities that can be used to facilitate payroll fraud which can cost organizations millions.

Tax-themed phishing threats

The over 30 discrete campaigns observed by Proofpoint have targeted thousands of people from multiple threat actors that used malicious email lures associated with taxes, tax and refund support and government revenue entities. At least four different threat actor groups tracked by the firm have launched tax-themed malicious email campaigns in 2021.

Credential theft phishing attempts accounted for 40 percent of the campaigns and these can be used to target individuals or for email account takeovers. Remote Access Trojans (RAT) were used in 17 percent of the campaigns and while fewer campaigns featured RATs, they were far more popular in total message volume. 

Half of the tax-themed campaigns and related messages contained malware that is used to distribute the Remcos RAT which has extensive data theft and surveillance capabilities. Other tax-themed malware distribution campaigns observed by Proofpoint included Dridex, TrickBot and ZLoader.

Last year, cybercriminals increasingly used Excel 4.0 (XL4) macros to distribute malware and this trend has continued in 2021. Proofpoint observed a 500 percent increase in tax-themed email threat campaigns delivering weaponized XL4 Macros in just the first three months of this year.

To prevent falling victim to tax-themed phishing campaigns this tax season, Proofpoint recommends that users learn to spot malicious emails and report them. At the same time though, it is imperative that US citizens remember that the IRS will never contact you over email, text messages or social media and will instead send you a letter by mail.

from TechRadar - All the latest technology news https://ift.tt/3e4R7RL



Apps,3855,Business,147,Camera,1154,Earn $$$,1,Gadgets,1739,Games,924,Innovations,1,Mobile,1695,Paid Promotions,2,Promotions,2,Technology,7933,Trailers,795,Travel,36,Trendly News,19843,Video,4,XIAOMI,12,
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: Phishing threats return ahead of tax season in the US
Phishing threats return ahead of tax season in the US
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy