1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Beware the Ides of April - Cybercriminals and Tax Season

Discussion in 'BlackHat Lounge' started by Asif WILSON Khan, Apr 14, 2017.

  1. Asif WILSON Khan

    Asif WILSON Khan Executive VIP Jr. VIP

    Joined:
    Nov 10, 2012
    Messages:
    12,143
    Likes Received:
    33,698
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:
    Bad Actors Will do Whatever They Can to Take Advantage of the Lucrative Tax Season

    Made famous by Shakespeare’s Julius Caesar, “Beware the Ides of March” was a message to Julius Caesar warning of his assassination on March 15. Although the consequences aren’t as dire, a similar warning is also in order for businesses and individuals in the U.S. around the Ides of April – the traditional tax filing deadline and, in recent years, a deadline for cybercriminals to profit from tax season.

    This year the trend continues. There are numerous instances of bad actors requesting and selling items pertaining to tax fraud across criminal sites on the open and dark web. It has been reported that already at least 120,000 individuals have been affected by W-2 phishing incidents this year.

    Analyzing keywords across known criminal and dark web sites, we see a 40% rise in mentions when compared to this same period in 2016. Words like “tax refund” and “W-2 form/info” are the most popular and on pace to eclipse the number of mentions last year. Consistent with this, the market for W-2 forms is alive and well with users willing to pay as much as $5 per form or receive a bulk discount, $100 for 30. W-2s marketed as “fresh from the company” command an even higher price at $10 each.

    The potential for profit rises with more data. Cybercriminals claiming to have secured loan applications from a mortgage lender’s database are offering each application for $15. Not only does the buyer get W-2 information but other data that can make it easier to successfully file fraudulent tax returns.

    In the face of the increased volume of phrases associated with tax fraud and evidence of tax fraud-related items for sale on criminal sites, user awareness is on the rise as are the IRS’s efforts to prevent fraudulent tax returns.

    Earlier this year, the Treasury Inspector General for Tax Administration issued a report (PDF) on the results of the 2016 filing season. The report shows a continued decrease from 2013 – 2015 in the number of fraudulent tax refunds the IRS detects and stops, and attributes this to expansion of its processes to prevent such returns from entering the tax processing system to begin with. The IRS uses a variety of methods to detect and reject e-filed and paper tax returns:

    • Locking taxpayer accounts of deceased individuals

    • Employing more than 180 identify theft filters to detect confirmed identity theft tax returns

    • Limiting the number of direct deposit refunds that can be send to one bank account

    • Screening tax returns filed using a prisoner’s social security number

    However, these efforts haven’t dissuaded cybercriminals. The IRS reported a “400 percent surge in phishing and malware incidents in the 2016 tax season,” showing that cybercriminals continued tax-related fraud activity. And, as recently as March 17, the IRS issued a new warning about last-minute email scams.

    But unlike Julius Caesar, who didn’t heed the warnings, there are plenty of ways businesses, taxpayers and tax preparation professionals can prevent themselves from falling victim to attacks. Individuals:

    • Don’t click on unsolicited emails or attachments, no matter how “authentic” they may look.

    • Change passwords frequently and never reuse corporate credentials for personal activity.

    • Never give up sensitive data such as passwords, social security numbers and bank account or credit card numbers.

    • Check for updates on the latest scams. The IRS website and twitter feed are great resources for this.

    In addition to these best practices, businesses should:

    • Implement an enterprise password management solution – not only for secure storage and sharing but also strong password creation and diversity.

    • Proactively monitor for data dumps relevant to your organization.

    • Implement multi-factor authentication for external facing corporate services like Microsoft Outlook Web Access, and Secure Sockets Layer Virtual Private Networks, as well as for software-as-a-service offerings like Google Applications, Office365 and, of course, for any tax preparation offerings you are using.

    • Manage the use of privileged accounts and ensure the principal of least privilege is implemented not just for data but also for file, directory and network share permissions.

    We all know cybercriminals aren’t easily discouraged and will go to great lengths to turn a profit. Individuals and businesses should stay informed of the breadth of attack techniques. For example, cybercriminals posing as taxpayers and requesting that tax preparers redirect deposits, or, conversely, posing as the IRS via texts and calls to further pressure and intimidate individuals to provide valuable data. Bad actors will do whatever they can to take advantage of this potentially lucrative season – so beware the Ides of April.



    Source: http://www.securityweek.com/beware-ides-april-cybercriminals-and-tax-season
     
    • Thanks Thanks x 4
  2. archixet

    archixet Jr. VIP Jr. VIP

    Joined:
    Aug 23, 2013
    Messages:
    2,466
    Likes Received:
    462
    Gender:
    Male
    Occupation:
    Im a webcam model and a part-time bottle washer!!!
  3. back2form

    back2form Jr. VIP Jr. VIP

    Joined:
    Jul 15, 2012
    Messages:
    3,414
    Likes Received:
    1,750
    Gender:
    Male
    Occupation:
    Searching..
    Location:
    in front of BHW
    [​IMG]
     
  4. Peter Wilson

    Peter Wilson BANNED BANNED

    Joined:
    Apr 14, 2017
    Messages:
    113
    Likes Received:
    19
    Gender:
    Male
    thanks for the detailed information on these new scams unearthed now a days. People should really educate themselves on matters like these.
     
    • Thanks Thanks x 1
  5. Vladamir

    Vladamir Power Member

    Joined:
    Jan 4, 2012
    Messages:
    549
    Likes Received:
    326
    Gender:
    Male
    Occupation:
    Restore Old Boats
    Location:
    Zihuatanejo, Ixtapa, Mexico
    I got a bunch of these tax emails, some of them were really well written I almost clicked, for domain emails very similar to my bank. I prefer the Prince ZULU looking to give me a million dollars before he dies if i deposit 1 grand emails :)
     
  6. bartosimpsonio

    bartosimpsonio Jr. VIP Jr. VIP Premium Member

    Joined:
    Mar 21, 2013
    Messages:
    12,478
    Likes Received:
    11,183
    Occupation:
    CHEAP
    Location:
    DATASETS
    Home Page:
    I've been noticing the Android app store is filled with tax programs that require full access to everything on your phone. I wonder how many of those are legit.
     
  7. Reaver

    Reaver Jr. VIP Jr. VIP

    Joined:
    Aug 6, 2015
    Messages:
    1,904
    Likes Received:
    5,459
    Gender:
    Female
    I'm betting between 5 and 10%. And I'm being generous.
     
    • Thanks Thanks x 1
  8. bonerlicious

    bonerlicious BANNED BANNED

    Joined:
    Apr 12, 2017
    Messages:
    60
    Likes Received:
    84
    Gender:
    Male
    You get until Monday this year right? I already paid my taxes. Turbo Tax is your friend.

    had 6 months of w2 income which helped a lot.