RSS feed Get our RSS feed

News by Topic

BizReport : Email Marketing : March 24, 2021

Report: Fraudsters targeting taxpayers in lead-up to US tax deadline

Both small business owners and consumers need to be more careful about emails suggesting they click to ensure their tax information is up to date. That, according to Cybereason, is one of the latest gags from phishers, and with the US tax deadline approaching, millions could be harmed by the hacking attempts.

by Kristina Knight

"Social engineering via phishing emails continues to be the preferred infection method among both cybercriminals and nation-state threat actors. The potential for damage is serious and the malware allows threat actors to gain full control over a victim's machine and steal sensitive information from users or their employers. In this research, we demonstrate how the attackers are leveraging the U.S. tax season to infect targets at will," said Assaf Dahan, senior director and head of threat research at Cybereason.

In 2020, the IRS estimates consumers were defrauded of $2.3 billion due to schemes like this. But, along with so many other changes to the digital space since the beginning of the pandemic, phishers and other fraudsters have also become more sophisticated in their hacking attempts. Experts say the phishers use remote access Trojans within the emails to take control of computers once links inside the fraudulent emails are clicks.

For protection, experts suggest consumers employ two-factor authentication on their devices, do not click any links or open attachments in emails like these, and ensure security software is up to date and running on all consumer devices.

"The use of various techniques such as steganography, storing payloads on legitimate cloud-based services, and exploiting DLL sideloading against a legitimate software makes these campaigns very difficult to detect. The sensitive information collected from the victims can be sold in the underground communities and used to carry out all manner of identity theft and financial fraud," added Dahan.

More data from the report can be accessed here.

Tags: cybercrime, cybercriminals and email, Cybereason, email hacking trends, email marketing, malware trends, phishing trends

Subscribe to BizReport



Copyright © 1999- BizReport. All rights reserved.
Republication or redistribution of BizReport content is expressly prohibited without the prior written consent.
BizReport shall not be liable for any errors in the content, or for any actions taken in reliance thereon.