Wit the advent of tax season the arrival of the annual scams targeting tax professionals has also begun. Every year as the tax filing deadline approaches, hackers conduct scams in order to steal electronic filing identification numbers (EFINs).
In the United States, the Internal Revenue Service (IRS) allocates EFINS to tax professionals and individuals to allow them to file tax returns digitally. If hackers get hold of obtain these EFINs they can file fraudulent tax returns in victims’ names to obtain tax rebates. once in possession of an e-file number of a tax professional tax returns can be submitted for many individuals, so these scams can be very profitable.
These scams typically begin with a phishing email using a trick the someone into visiting a malicious website where they are asked to hand over information or upload documents that contain sensitive data. Alternatively, recipients are told to install software allows the hackers full control of the victim’s device.
In a lot of cases the spam emails pretend to be the IRS informing tax professionals to provide information or documents in order to stop the suspension of their account. When met with this threat, tax professionals may provide the requested details.
One of the phishing emails recently uncovered pretended to be from the IRS by using the sender name “IRS Tax E-Filing,” with the subject line “Verifying your EFIN before e-filing.” The emails looked real and required “authorized e-file originators” to reverify before filing returns through the IRS system. The emails claimed the IRS had begun using this new security measure to prevent unauthorized and fraudulent behaviour. The scammers asked for a PDF file/scan of the EFIN acceptance letter and both sides of the person’s driver’s license. Similar scams have been completed that require tax preparers’ ID numbers and e-services usernames and passwords to be handed over.
This year, along with the normal phishing emails spoofing the IRS, campaigns have been discovered where the hackers claim to be possible clients searching for tax preparers ahead of the filing deadline. Attachments are provided that would normally be required by tax preparers, but they are laced with malicious scripts that download keylogging malware that records and exfiltrates keystrokes, with are likely to include usernames and passwords.
Tax experts that fall victim to these scams can have catastrophic damage inflicted on their good name, so it is crucial to use caution when opening any emails and to stop and think carefully about handing over sensitive information or downloading files or software
One of the simplest ways to safeguard from these scams is to put in place an advanced spam filtering solution that can identify and block these dangerous messages. SpamTitan is a powerful email security solution that identifies and prevents malware and documents containing malicious scripts with dual antivirus engines, sandboxing, and machine learning methods. Along with blocking malware threats, SpamTitan is excellent for blocking phishing emails containing malicious URLs.
The award-winning spam filter is simple and straightforward to configure and manage, requiring no technical know how. For more details about SpamTitan, call the the SpamTitan team now.