SECURITY
SECURITY
SECURITY
Internal Revenue Service warns of tax phishing scam
The U.S. Internal Revenue Service has issued an urgent warning concerning a phishing scam that seeks to steal Electronic Filing Identification Numbers.
The scam, which emerged just before the tax filing season began Feb. 12, involves emails that impersonate the IRS with a subject line “verifying your EFIN before e-filing.” The text of the email asks tax preparers to email copies of the EFIN verification and driver’s license with a fake warning that if they do not comply, their ability to file tax documents electronically will be disabled.
In the event that victims fall for the scam, the information obtained can be used to illegally file tax returns for refunded by impersonating the victim.
“Tax professionals who received the scam should save the email as a file and then send it as an attachment to phishing@irs.gov,” the IRS advised in the Feb. 10 notice. “They also should notify the Treasury Inspector General for Tax Administration… to report the IRS impersonation scam.”
Although IRS impersonation scams are not new, there’s a COVID-19 pandemic angle to the current phishing campaign. “Some thieves also pose as potential clients, an especially effective scam currently because there are so many remote transactions during the pandemic,” the IRS explains. “The thief may interact repeatedly with a tax professional and then send an email with an attachment that claims to be their tax information.”
Tax scams are “as inevitable as paying taxes,” Erich Kron, security awareness advocate at security awareness and training firm KnowBe4 Inc., told SiliconANGLE.
“These scams use a multitude of scenarios that individuals and organizations face each year, as they work through the often confusing, stressful and frustrating task of figuring out how much they will owe or will get refunded, by the government,” Kron explained. “This stress and confusion only serve to make the scammers’ job easier.”
And tax-themed phishing attacks are a powerful tool for cybercriminals to steal sensitive information such as social security numbers or bank account information, redirect payments or steal credentials that will allow them to file fake tax returns, Kron added. “To defend against these scams, educating people about the types of scams occurring and the red flags, such as links that go to different websites when you hover over them, unexpected requests for sensitive information such as login information or social security numbers, is critical,” he said.
Photo: MBisanz/Wikimedia Commons
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
