Phishing Scams and Malware: What You Need to Know this Tax Deadline

By: Josh Mayfield | 4/10/2019

Filing your taxes each year can be a painful process and sadly, cyber criminals continue to amplify the confusion. Phishing scams and malware again topped this year’s “dirty dozen” list of prevalent tax scams published by the Internal Revenue Service (IRS).

What are Phishing Scams?

Phishing scams are fake emails, text messages and websites set up by online scammers as a way to steal personal information and gain access to your system, and lets malware loose to wreak havoc.

Tax Fraud and Identity Theft

Inevitably, Tax Day brings phishing scams and malware. In a warning to tax payers last month, the IRS said phishing scams, or messages that look like they are coming from the IRS or other legitimate tax service companies, commonly lead to both tax-related fraud and identity theft. With more than 135 million Americans filing their taxes electronically last year, it’s easy to understand why the annual event is such a lucrative target for cyber criminals.

Phishing emails are step one into a larger, nefarious effort. The messages may contain links to malicious websites set up by crooks to steal your data. One cybersecurity firm discovered more than 100 such sites this year alone – all designed to make the user think they were using a legitimate website. In reality though, the site only existed to steal login information for the actual, legitimate site it was impersonating and/or personal details such as social security numbers or even passport numbers.

Read Top Cybersecurity Threats of 2018 Revealed

Other phishing emails are designed to coax you into downloading malicious software, or malware. This year, some of the more common malware downloads stemmed from phishing messages that appear to come from Intuit, the makers of Quickbooks and TurboTax. Others target businesses and look as if they have been sent from accounting or payroll service companies like ADP. These messages include an Excel file attachment that, once opened, is programmed to install a Trojan on your computer for further data pilfering.

TrickBot Banking Trojan

A Trojan is a program that claims to perform one function but actually does something else entirely. One popular Trojan for this year’s tax filing deadline is TrickBot. It targets Windows users through a malicious Excel document and once infected, the malware combs for passwords, banking information and other credentials to send back to the attacker. The information can then be used to steal funds and in some cases, file fraudulent end-of-year tax forms for further financial gain.

Tax Day is a popular event for cyber criminals to lean in on, and there are many others. Black Friday and Cyber Monday are two other national events that call for added caution and so are more personal events in your life such as home buying. Cyber criminals’ methods continue to grow increasingly sophisticated. The best thing you can do is educate yourself, and your users, on their tactics.

If you’d like more information on the more common attack types such as phishing, trojans and even ransomware which has been a significant issue for many in recent years, watch the next episode of our Cybersecurity Insights video below. And while you’re at it, watch and subscribe to our full Cybersecurity Insights video series on YouTube.

Video transcript:

Hello again, Josh here from Absolute. In the last episode, we saw how threats come in many forms. In this episode, we'll explore a couple of ways those threats use to get to the goods.

Let's look at phishing, the most common tool cybercriminals use to get access to our systems.   We've all seen it; the email from your bank or a company you patron asking you for information. 'Please, update your account (or profile or membership or...)

Logos and font styles look real.   There's the button, staring back at you. What is it about people and buttons? There is an unmistakable urge to click!

Now that you've scratched the itch to click, the attacker gets a toehold to push malware, ransomware, or even grab control over the device.   Phishing is the most widely used weapon for cyber-attacks for one, single, very important reason. It works.

It exploits our most basic instincts: curiosity, cooperation, trust, and willingness to share and help.

When we fall for these deceptions, we're likely to play host to some unwelcome guests in our IT environment: malware.

Malware is a smashed word coming from malevolent (meaning, bad) and software. Malware tends to come in four forms:

  1. Viruses
  2. Worms
  3. Trojans
  4. Hostage-takers (aka Ransomware)

Viruses are aptly named, they infect the system and interact with the normal processes to either get the user to do something that gives access, or disable the system so that it is unusable.

Worms are designed with the expressed intent to replicate and spread to other systems. Much like viruses, these pesky malwares corrupt the host system, but are tailored for reproduction and thus are more damaging.

Compounding the sadism, we have trojans. These malwares look like approved apps and software (like a printer driver) so they're not as easily detected by anti-virus apps. Once installed, they replicate and forge onward to other resources playing the same trick.

By now, most of us have heard about the last of these weapons: ransomware. The malware designed to lock your files and data until you pay a fee - usually in a cryptocurrency so it can't be traced.

The good news, of course, is that no phishing scam or malware is effective without an existing vulnerability.

Once again, we see why having persistent visibility and control is so essential. Unless we can see our trouble-spots and quickly remove the risk, we are bound to fall victim to these attack vehicles.

In our next episode, we'll look at the growing threat of botnets. Be sure to subscribe and leave your comments below. I'll see you next time.

Financial Services