
Tax Season Phishing Emails Target Small Businesses

Tax season might leave a sour taste in most taxpayers’ mouths, but for some fraudsters, it’s a prime hunting ground. So it is no surprise that researchers have found another tax scam.

Phishing scams target people’s Social Security numbers through tax-related emails. Cybercriminals are using these attacks to trick small company owners and self-employed filers into exposing sensitive information.

It seems that these social engineering con artists have very little funding and frequently use cheap email lists that are directed at US citizens who work for themselves.

This insight is based on Malwarebytes Labs’ recent research. The report highlights that such email lists can be obtained for as little as a few cents each, sourced from either the Dark Web or legitimate lead brokers.

The initial phishing email includes a simple link to apply for a federal Employer Identification Number (EIN) or tax identification number. Small enterprises and self-employed individuals need these to file US federal income taxes by April 15.

These emails often include a link that, when clicked, takes you to a fake website that appears to be authentic. It’s possible that you’ll be prompted to input private information like your Social Security number there.

Phishing Scam Targets Taxpayers with Fake EIN Application (Malwarebytes Labs)

According to the Malwarebytes Labs report:

A compromised Social Security number poses a major problem. An SSN stays with you for a lifetime and is closely tied to your banking and credit history. Adding a person’s SSN to the scammers’ data could create far more opportunities for identity theft and fraud.

The IRS provides free EINs and tax ID numbers. However, cyber criminals recognised a chance to extract further funds from their victims.

Malwarebytes Labs found a telltale flaw in the scammers’ website. Reading the site’s privacy statement made it clear that they had missed a small detail: in their rush to copy the policy from another source, they overlooked removing the original domain from one specific section.

Scammer’s Oversight in the Privacy Policy Reveals the Mistake (Malwarebytes Labs)
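
The slip described above, a copied privacy policy that still names the site it was taken from, can be turned into a simple triage check. This is an added example, not code from the Malwarebytes Labs report; the URL, the policy text and the `.example` domains are constructed, and the registrable domain is approximated as the last two labels of the hostname.

```python
import re
from urllib.parse import urlsplit

# Hostnames as they appear in running text, URLs or e-mail addresses.
DOMAIN_RE = re.compile(
    r"\b(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,24}\b", re.IGNORECASE
)

def site_label(host: str) -> str:
    """Approximate the registrable domain as the last two labels.
    Assumption: good enough for triage; a public-suffix list handles co.uk etc."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def foreign_domains(page_url: str, page_text: str, allow=()) -> list:
    """Domains named in page_text that belong neither to the serving site
    nor to the allow list (known third parties such as analytics providers)."""
    own = site_label(urlsplit(page_url).hostname or "")
    allowed = {own} | {site_label(a) for a in allow}
    found = []
    for match in DOMAIN_RE.finditer(page_text):
        label = site_label(match.group(0))
        if label not in allowed and label not in found:
            found.append(label)
    return found

# Constructed sample: a policy served from one site that still names another.
SAMPLE_URL = "https://ein-filing.example/privacy-policy"
SAMPLE_POLICY = """\
Privacy Policy
This policy explains how ein-filing.example collects and uses your data.
We use analytics provided by google.com to measure traffic.
By submitting a form on www.original-service.example you consent to processing.
Questions? Write to privacy@ein-filing.example.
"""

if __name__ == "__main__":
    for domain in foreign_domains(SAMPLE_URL, SAMPLE_POLICY, allow=("google.com",)):
        print(f"policy names a different site: {domain}")
```

A hit is a lead for an analyst, not a verdict: legitimate sites also name partners and processors, which is what the allow list is for.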

How to Avoid Tax Cyber Scams and Keep Your Money Safe?

As reporting deadlines approach, it becomes more important to warn people about tax scams like the one described here. The report’s author, Malwarebytes intelligence researcher Pieter Arntz, highlights the significance of spreading awareness to stop the spread of malware.

The IRS never uses social media, text messaging, or email to request financial or personal information. This includes confidential data like bank account numbers, credit card PINs, passwords, and access codes. It’s essential to avoid responding to these types of requests, clicking on links, or opening documents.

If you’re not sure whether a message is officially from the IRS, check IRS.gov for the letter, notice, or form number. If it’s authentic, you will find instructions there on how to reply. If there is a form to complete, make sure it matches the official one by searching forms and instructions on IRS.gov.

Phishing attacks are on the rise, and it is important to protect your organisation. One effective way to do this is by increasing user awareness about these types of attacks. Phishing Tackle is a great resource that can help you in this regard. They offer a free 14-day trial to help train your users to recognise and avoid phishing attacks. 

Although technology can be helpful, it cannot spot 100% of phishing emails. Therefore, user education is important to minimise the impact of any successful attacks. Consulting with Phishing Tackle can provide valuable insights and tools to help you strengthen your defences against phishing attacks.
