wonderfully unique software solutions

Malwarebytes warns of phishing risk as tax year deadlines approach

Beware of potential scammers looking to take advantage of upcoming tax filing and compliance activity, whether you’re an individual or an organisation.

That’s the message from Christopher Boyd, lead malware intelligence analyst at Malwarebytes and a former director of research for FaceTime Security Labs.

“Tax season is upon us and, like every year, we’re seeing tax scammers rearing their heads,” Boyd wrote in this Malwarebytes labs post.

Boyd said that Emotet-based phishing attacks in circulation have been spotted by Malwarebytes’ senior director of threat intelligence. For example, a US-based attack was uncovered hidden in an email with the subject line ‘IRS Tax Forms W-9’ that looked to have been sent from an IRS online centre.

Opening the ‘Tax Form W-9’ document attached to the email launched an Emotet attack.

“Opening the document quickly becomes a game of Macro-related risk. Macros, used to automate aspects of your documents, are a tried and tested way of infecting a PC with malware,” noted Boyd.

In the USA, a Form W-9 is a form used to confirm taxpayer’s personal details with that country’s Inland Revenue Service (IRS), such as name, address and tax number.

Phishing emails and other communications purporting to be from Her Majesty’s Revenue & Customs (HMRC) in the UK are also especially commonplace at tax time, with multiple examples and what to look out for described here.

Threats can be disguised as legitimate QR codes, text messages, news-related scams, refunds or rebate communications, phone calls and voice messages, WhatsApp messages, social media communications, customs duty communications and more.

Boyd said that organisations and individuals should consider filing early when tax time comes around.

“One of the quickest ways to stumble into a trap is to leave filing your tax return until the last minute. That added pressure can mean responding to fake mails you otherwise would have ignored,” he said.

Boyd said tax agencies typically have a specific process for issuing refunds. HMRC, for instance, does not issue refunds via emailed media. If in doubt, phone the tax office directly and ask if what you have is real or phony.

Also, beware of fake bank portals. Always navigate directly to your banking website, avoiding click-throughs and redirects wherever possible, said Boyd.

“Claims of only having 24 or 48 hours to file for a refund should be treated with scepticism,” he added.

Emotet in particular has been named a top-five cyberthreat for businesses in Malwarebytes’ 2023 State of Malware report, he said.

“Flagged by Europol as the world’s most dangerous malware, law enforcement has never quite been able to shut it down permanently despite its entire global infrastructure being taken offline in 2021,” Boyd pointed out.

“Emotet’s ability to push additional forms of malware onto target systems including threats like TrickBot, IcedID, and Conti ransomware make it a formidable proposition for any security team.”

( Photo by CDC on Unsplash )

Recent Articles

N-able teams up with US cybersecurity agency on RMM tactics

Remote monitoring and management (RMM) software vendor N-able has announced it is working with the US Cybersecurity and Infrastructure Security Agency (CISA)...

Nitro with Level Access launches accessibility upgrade for PDF management

E-documentation company Nitro has teamed up with digital accessibility as a service provider Level Access on an accessible version of the former's...

CoreView expects further sales growth as Microsoft launches ‘disruptive’ tools

Microsoft 365 (M365) management software vendor CoreView is gearing up for greater demand, predicted to be fuelled further by AI adoption via...

Keeper Security expands global reach with new investments in zero-trust security

Keeper Security has opened an Asia-Pacific (APAC) headquarters in Japan, reflecting increased global interest and investment in unified, zero-trust enterprise passwords, secrets...

iSpring follows Salesforce integration with Albato no-code automation

Edtech software vendor iSpring Solutions has announced integration of the iSpring Learn learning management system (LMS) with no-code automation from Albato, expanding...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox