With the last minute rush to get taxes filed in the the United States before the April 15 deadline tax specialists  and tax filers are being focused on with a range of IRS phishing campaigns that are trying to steal sensitive data that can be leveraged by hackers to obtain identities and submit fraudulent tax returns as they pretend to be their victims.

These campaigns are popular with cybercriminals due to the chance to make substantial profits using the submission of fake tax returns and this is true for the 2021 tax season. A number of tax season phishing attacks have been uncovered this year using phishing lures linked to tax refund payments. The phishing emails include subject lines like “Tax Refund Payment” and “Recalculation of your tax refund payment” which are likely trick the recipient’s into opening the emails. They, the emails, feature the actual IRS logo and advise recipients that they qualify to receive an additional tax refund, but in order to receive the payment they must visit a link and fill out a form. The form looks like an authentic IRS.gov form, with the page an exact replica of the IRS website, although the website on which the form is hosted is not an authentic IRS domain.

The form requests very sensitive personal information to be handed over in order for the refund to be transferred. The form seeks the individual’s name, birth date, Social Security details, driver’s license information, present address, and electronic filing PIN. For extra realism, the phishing portal also shows a popup notification which says “This US Government System is for Authorized Use Only”, which is the same warning message that is displayed on the authentic IRS web page.

The attackers seem to be focusing on universities and other educational bodies, both public and private, profit and nonprofit with many of the reported phishing emails from staff and students with .edu emails.

Educational bodies must implement measures to mitigate the danger of their staff and students being fooled by these scams. Warning all .edu account holders about the campaign is crucial as these messages are getting past Office 365 anti-phishing measures and are landing in inboxes.

Any educational body that is dependent on Microsoft Exchange Online Protection (EOP) for preventing spam and phishing emails – EOP is the default protection supplied free with Office 365 licenses – should strongly think about enhancing their anti-phishing defenses with a third-party spam filter.

SpamTitan has been designed to put in pace stronger security for Office 365 environments. The solution is placed on top of Office 365 and easily works with Office 365 email. Along with significantly enhancing spam and phishing email protection, dual antivirus engines and sandboxing provide top of the range cybersecurity in the face of malware.

For more details about SpamTitan anti-phishing security for higher education, contact SpamTitan now. You can now protect your institution by add the SpamTitan solution. There is also free trial available to test SpamTitan.