Sunday, April 18, 2021
  • Mapping “America First” Revival of the KKK
  • CPDP 2021 – Moderator: István Böröcz. ‘To Record Or Not To Record?’, ‘COVID-19, Body Temperature Screenings And The GDPR’s Material Scope’
  • Prepare Your Organization for MFA Compromise
  • XKCD ‘AI Methodology’
  • CPDP 2021 – Prof. Paul De Hert ‘Opening Remarks’

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • MediaOps Inc.
    • DevOps.com
    • Container Journal
    • Digital Anarchist
    • SweetCode.io
  • Media Kit

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Security Bloggers Network Social Engineering 

Home » Cybersecurity » Social Engineering » 2021—Year of the Tax Scam

2021—Year of the Tax Scam

by Social-Engineer on March 15, 2021

2021—Year of the Tax Scam

It’s that time of year again, tax season! The inevitability of taxes brings along another inevitability, tax-related scams. Attackers are always changing and adapting. Every year their methods grow in variety, complexity, and boldness. They are always ready to hop onto the newest trends and exploit the latest technology to find the quickest route to steal your identity and money.

What to Expect

You wake up in the morning, and its tax season! But you just haven’t had time to get to it yet. On your phone, you see a voicemail notification, so you listen to it. As you hear the message, your face goes pale and your heart races… even before your first sip of coffee. An automated message is threatening to cancel your social security number, call the police, and have you arrested! To avoid these actions all you have to do is call a specific number and use a prepaid debit card to get this all cleared up.

Later the same day, you receive a text message.It is from an unfamiliar number and claims to be from your favorite tax software. The message states you can receive a tax bonus by clicking the link shown and then filling out an online form. Or the text message is claiming to be from the IRS (Internal Revenue Service), letting you know there is a $1200 Economic Impact Payment check waiting for you, just follow THIS link and fill out the form to receive it.

Then at work, while checking your email, you have an email from the IRS! @IRSonline.com.” There is even an attachment named “Tax Transcripts” you need to review.

What to Do

These three examples are just a sample of the scams attackers are using to target every one of us right now. There are scams for people who have already submitted their tax returns, and there are scams for people who have not. Nowadays, there are even scams for people who use software to file from home AND scams for people who use tax return agencies. Either way, tax season is a time for the attackers to take advantage of people. So what can you do?

Keep informed

This is not the only blog or article about tax scams, and it is not the first time we’ve written about it. Being aware of the threats out there can help keep you safe. The linked IRS web-page has a list of common scams and articles about each one. They are all equally important. Review the articles and keep yourself informed.

Think before you click

Do not click on any links when are not certain of their origin or identity. Do not click on links from addresses you do not know. If you are unsure of the genuineness of a link, you can check it. Google has a handy little tool where you can paste links into it to check their credibility.

Remember

The IRS website states: “The IRS doesn’t initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information.”

Do not call back

If you receive a threatening call, robotic or otherwise, do NOT call back. By doing so, you let the scammers know you are emotionally invested in, and willing to spend the time on, their scheme. So, they will more likely continue their attacks.  Instead, you can look up the official number for any agency they claim to be. Contact the agency directly using the official number, if you are concerned about any of the messages you have received.

Report the scam

If you identify a scam, a phishing email, or other form of tax or identity fraud, report it! Doing so can potentially shut down an avenue of attack, protecting others, and/or your company (if your company blocks attacks coming from those addresses). The IRS has a chart with helpful links on several ways to report fraudulent activity.

Tell Your Family, Tell Your Friends, Tell Your Colleagues

One of the most effective defenses against scams is knowledge. By sharing what you’ve learned here and through your research, you are creating your own little security advocacy group. Encourage those around you to do the same. Work together to keep each other safe, and informed. Stay safe this tax season. Be vigilant, as we work together to keep the scammers and attackers at bay.

Sources:
https://faq.ssa.gov/en-us/Topic/article/KA-10018
https://www.irs.gov/newsroom/irs-warns-people-about-a-covid-related-text-message-scam
https://www.usa.gov/irs-scams#item-214333
https://www.social-engineer.org/general-blog/lookout-for-tax-scams/
https://www.irs.gov/newsroom/tax-scams-consumer-alerts
https://transparencyreport.google.com/safe-browsing/search
https://www.irs.gov/
https://www.irs.gov/individuals/how-do-you-report-suspected-tax-fraud-activity

The post 2021—Year of the Tax Scam appeared first on Security Through Education.

*** This is a Security Bloggers Network syndicated blog from Security Through Education authored by Social-Engineer. Read the original post at: https://www.social-engineer.org/social-engineering/2021-year-of-the-tax-scam/?utm_source=rss&utm_medium=rss&utm_campaign=2021-year-of-the-tax-scam

March 15, 2021March 15, 2021 Social-Engineer General Social Engineer Blog, Identity Theft, IRS, Phishing, scam, security, smishing, social engineering, tax, taxes, vishing
  • ← SI.1.210 System Integrity/Patching (CMMC Level 1)
  • DnsAdmins Revisited →

TechStrong TV – Live

Watch latest episodes and shows

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

YT$AW: FBI Cleans Up Exchange Servers, NSA Tips Microsoft 4 More Bugs
Majority of Mobile App Vulnerabilities From Open Source Code
Broadcom to Migrate Security Platforms to Google Cloud
In the World of IoT Security, Lock Every Door
The Need for a Cybersecurity Protection Agency
Mayhem for API ❤️ GitHub: Seamless DevSecOps for your REST APIs
Damaging Linux & Mac Malware Bundled within Browserify npm Brandjack Attempt
What the 2021 OSSRA report tells us about the state of open source in commercial software
Radware is named a Customer’s Choice in the 2021 Gartner Peer Insights
Shashi Prakash Chats about Cryptocurrency and NFT Fraud

Upcoming Webinars

Wed 21

Managing Open Policy Agent at Scale

April 21 @ 3:00 pm - 4:00 pm
Thu 22

A New Approach to Secure Web Gateways

April 22 @ 11:00 am - 12:00 pm
Mon 26

The Kubernetes Network (Security) Effect

April 26 @ 9:00 am - 10:00 am
Mon 26

Application Security: Moving at the Speed of DevOps

April 26 @ 1:00 pm - 2:00 pm
Wed 28

Cyber Attacks From the Open Source Perspective

April 28 @ 1:00 pm - 2:00 pm
Thu 29

Hack My Java Application: Demonstrating How Snyk and Red Hat Help Developers Stay Performant and Secure

April 29 @ 11:00 am - 12:00 pm
May 05

Managing Permissions and Entitlements is at the Core of a Zero Trust Model in the Cloud

May 5 @ 3:00 pm - 4:00 pm

More Webinars

Download Free eBook

Managing the AppSec Toolstack

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Three Wishes to Revitalize SIEM and Your SOC
Cybersecurity Data Security Endpoint Industry Spotlight Network Security Security Boulevard (Original) 

Three Wishes to Revitalize SIEM and Your SOC

April 16, 2021 Albert Zhichun Li | 2 days ago 0
Breach Clarity Weekly Data Breach Report: Week of April 12
Cybersecurity Data Security Identity & Access Industry Spotlight Security Boulevard (Original) Threats & Breaches 

Breach Clarity Weekly Data Breach Report: Week of April 12

April 14, 2021 Kyle Marchini | 3 days ago 0
Securing Remote Health Care Post-COVID-19
Cloud Security Cybersecurity Data Security Governance, Risk & Compliance Industry Spotlight Mobile Security Security Boulevard (Original) 

Securing Remote Health Care Post-COVID-19

April 14, 2021 Mike Nelson | 4 days ago 0

Top Stories

U.S. Fingers Putin’s Cozy Bear for SolarWinds Attacks
Analytics & Intelligence Application Security Cloud Security Cyberlaw Cybersecurity Data Security Endpoint Featured Governance, Risk & Compliance Incident Response IoT & ICS Security Malware Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

U.S. Fingers Putin’s Cozy Bear for SolarWinds Attacks

April 16, 2021 Richi Jennings | 1 day ago 0
YT$AW: FBI Cleans Up Exchange Servers, NSA Tips Microsoft 4 More Bugs
Analytics & Intelligence Cloud Security Cyberlaw Cybersecurity Data Security Endpoint Featured Governance, Risk & Compliance Incident Response Malware Network Security News Security Awareness Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

YT$AW: FBI Cleans Up Exchange Servers, NSA Tips Microsoft 4 More Bugs

April 14, 2021 Richi Jennings | 3 days ago 0
Son of Stuxnet? Iran Nuke Site Hacked ‘by Israel’ (Again)
Analytics & Intelligence Application Security AppSec Cyberlaw Cybersecurity Deep Fake and Other Social Engineering Tactics Endpoint Featured Governance, Risk & Compliance Identity & Access Identity and Access Management Incident Response IoT & ICS Security Malware Network Security News Securing the Edge Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Son of Stuxnet? Iran Nuke Site Hacked ‘by Israel’ (Again)

April 12, 2021 Richi Jennings | Apr 12 0

Security Humor

via the comic delivery system monikered Randall Munroe resident at XKCD !

XKCD ‘AI Methodology’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2021 MediaOps Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.