With Tax Day just around the corner, criminals are working hard to steal hard workers yearly refund checks, with losses expected to skyrocket compared to years prior.
The IRS has estimated income tax fraud will cost U.S. taxpayers roughly $21 billion in 2016, a drastic increase from $6 million back in 2014. Criminals will steal information in various different ways, like falsely filing tax returns, convincing victims they owe money for back taxes, or tricking people into sending personally identifiable information that is then sold on the dark web.
While these scammers use different means of attack to gain this sensitive information, there’s one tried and true method that is primarily used- the phishing scam. Some scammers use the scare tactic method, where an individual is victimized via email claiming he or she owes the government money and if unpaid, they’ll be arrested or have their account frozen.
Some criminals go with a different approach, a more helpful approach, or so it seems. With this tactics, victims receive an email claiming there’s a problem with their taxes, but if they fill out the attached form with their personal information that the issue will be resolved. This information is then stolen and sold on the dark web.
Some scammers are even working to catch the phish spotters off guard. For years we’ve been told to steer clear of emails with links, attachments, or forms to fill out, and these scammers know that. They’re now sending victim’s emails without any of the phishing alarm bells present, only asking for a few bits of information and waiting for you to hit send.
While phishing scams may be highly affected, U.S. taxpayers need to keep one important point in mind- you will never receive an email requesting information from the IRS- only from the U.S. Postal Service.
Another common means of attack is using falsified tax returns to claim an individual’s return. In this instance, criminals use information stolen, generally by swiping W-2 forms from companies or by stealing medical records, and simply file a tax return before the victim is able to. Once the victim sends in their real tax return, their immediately notified that one has already been filed. What can you do in this case? File before the bad guys get a chance to!
What’s most frustrating is that even if you follow these tips, you still can’t be 100% secure. A month ago the IRS was breached, again, and was hit by a malware attack that allowed hackers to compromise roughly 700,000 files by hacking into the IRS’ ‘Get Transcript’ application.
Cyber-attacks against government agencies are growing at an unprecedented rate, and it’s time for all government agencies dealing with sensitive data like social security numbers to implement best in class cyber security solutions that will secure their digital doors from hackers.
With NNT's Change Tracker Gen7, your organization will come equipped with intelligent file integrity monitoring, compliance management, system hardening, threat intelligence & security configuration management all powered by Intelligent Closed-Loop Intelligent Change Control, all working to make your IT estate as secure and compliant as possible.