Industry Trends

The Darkweb and Tax Season

By Aamir Lakhani  | April 09, 2018

It seems like every season has an angle that hackers and scammers use to prey on unsuspecting individuals. We just managed to make it through the holiday season and now we are besieged with people trying to take advantage of us during tax season.

IRS imposter scams are not new. Most of these tax scams involve either directed phishing email campaigns, or more frequently, calling individuals and claiming to be the IRS or a collection agency hired by the IRS. Many times these scammers even know the victim’s Social Security number and address because they have been taken from stolen data. Many even spoof IRS caller IDs so they seem legitimate.

The Darkweb

Unfortunately, for the novice scammer or hacker, there are a number of online hacker forums on the Darkweb where criminals provide information and answer questions about how to best exploit these seasonal opportunities. For example, many scams target specific demographics.  In fact, some online forums claim that the success rate of tax-season scams is highest when an individual or criminal organization targets immigrants, green card holders, small business owners, or individuals who are either new taxpayers under the age of 25, or who are over 60 years old. Unfortunately, this sort of targeting hits a number of possible exploit buttons.

Darkweb hacker forums explain that the best success results from calling an individual and telling them that they have missed an important tax payment or deadline. To create a sense of urgency, they often explain that a warrant has been issued for their arrest. Depending on the data they are using for this call, they may also threaten to deport someone without permanent or legal status. But the result is always the same, if the victim wants to avoid getting arrested they need to make a payment over the phone using a credit card, or preferably, gift cards.

They Want Your Money

One thing we know is that scammers want your money, and they want it as fast as possible. That’s why they usually ask victims to pay in ways that make it easy for them to get paid, and nearly impossible for the victim to get it back. Criminals prefer gift cards because they are really almost like cash, and they will even walk an unwitting victim through the process of how to purchase a gift card online and then give them its number.

Of course, success depends on volume, and most criminals don’t have access to a call center, multiple phone lines, or caller ID spoofing tools. However, there are now plenty of online services on the Darkweb that offer these scams for a fee.  In fact, profiles for these services become more prevalent during certain times or before certain events, such as holidays or the Olympics, because they are competing with other scammers for your business.

Basically, an enterprising hacker pays a flat fee per day, and then the call service shares any profits, usually at a 60%/40% split, with the majority going to the person hiring the service. Like similar legitimate businesses, the price per day fees depends on the number of calls they can make per day, the quality of the lists they are using, or the other services they provide. Many advertise that they provide call centers, caller ID spoofing to make it look like a call is coming from an IRS or other office number, and individuals with American or British accents making the calls. Scammers can also provide their own lists, with some available online that have been cleaned and de-duplicated.

What You Can Do: How to Protect Yourself

File your taxes early

If you have already filed and received your refund or paid any taxes owing, claims that you owe money are less effective.

Understand how the IRS works

The IRS does not frequently make initial contact over the phone or via email. Instead, you will receive notification through the mail that includes specific details on how to contact them that can be easily verified online.

Official government offices don’t require you to use specific payment methods. They also don’t request prepaid debit cards, gift cards, or money transfers.

Don’t share your information

Never share your financial or other personal information. If the IRS is actually contacting you, they already have a lot of your information on file and will only request specific information through the mail.

Write down the details of the call. Record the phone number, name of the caller, and any other details that they might provide.

If you have been contacted by email, do NOT click on any attachments or links. Simply take a screen shot of the information and then delete the message.

Report the call or email

You can file a complaint with your local police, who most likely have a fraud prevention program in place. You can also file a complaint with the Treasury Inspector General at tigta.gov, or with the Federal Trade Commission at ftc.gov/complaint. Share with them any of the data you collected about how you were contacted and what was said.

Warn others

The most helpful thing you can do is to warn your family, friends, and neighbors, especially those who may be at the most risk of being taken in by these sorts of scams. If we all do our part, we can all be a little bit safer.

Be prepared

Tax fraudsters will leverage today’s technology for illicit gain at innocent consumers’ expense. Losing money to a fake IRS agent or having your tax return rejected because a fraudster has already filed in your name is a terrible feeling that no law-abiding individual should ever have to go through. Use the information above to protect yourself.

Sign up for our weekly FortiGuard intel briefs or to be a part of our open beta of Fortinet’s FortiGuard Threat Intelligence Service.

For more information on the Cyber Threat Landscape, access our latest Quarterly Threat Landscape report here.

This byline originally appeared on CSO.com.

Join the Discussion