Akamai finds fraudsters targeting tax filings

Default Image

Starting with the pandemic in 2020, many fraudsters began focusing on American’s taxes. According to Akamai nearly half of web attacks were observed between the dates of June 17 to July 29, when American’s taxes came due. Tax deadlines were extended because of the beginning of the COVID-19 pandemic, and the deadline has been extended this year, as well, leading security experts to warn consumers to be extra careful about phishing and malware attacks.

Why the focus on the tax deadline?

“In 2020, there were a total of 20.2 million web application attacks, and 10.9 million of those occurred between June 17 and July 29. Due to COVID, the IRS extended the tax filing deadline, and criminals took advantage of this to conduct additional attacks,” writes Steve Ragan, Akamai Security Researcher, via the Akamai Blog. “LFI attacks are looking to exploit various scripts running server-side, usually PHP. However, LFI can also target ASP, JAP, and other web-based technologies. Successful attacks often result in the disclosure of sensitive information, which can be leveraged for additional attacks. At the same time, LFI can also sometimes result in client-side command execution (due to vulnerable JavaScript), which could lead to Cross-Site Scripting or Denial-of-Service.”

Credential Stuffing is another attack form that is likely to see a resurgence as fraudsters bank on consumers’ habits of relying on old or weak passwords while filing taxes online. More than half (56%) of credential stuffing attacks in 2020 surrounded the June to July tax filing deadline window.

The IRS has moved the tax deadline to May 17, 2021, and Akamai’s experts believe another wave of attacks will surge as the deadline nears. Akamai’s researchers have posted a number of blogs with suggestions on how consumers can protect themselves from these types of attacks here.

Fraudsters are also targeting online W2 forms, according to new Armorblox data. Researchers there found that fraudsters are using social engineering tactics and exploiting free online software to create phishing pages that look like legitimate W2 forms.

Their experts suggest employing multi-factor authentication, updating to more secure passwords and/or a password management tool, and to avoid common pitfalls of passwords including using easily accessible personal information as part of a password.



Kristina Knight is a freelance writer based in Ohio, United States. She began her career in radio and television broadcasting, focusing her energies on health and business reporting. After six years in the industry, Kristina branched out on her own. Since 2001, her articles have appeared in Family Delegate, Credit Union Business, FaithandValues.com and with Threshold Media.