Tax phishing is one of the most common scams that take a serious toll on your sensitive data and bank credentials as well. It is the process of scamming via fake emails, websites, or advertisements that mimic a trusted source, thereby earning the trust of taxpayers. Once you click on the link or visit the fake website (though it looks exactly like the original site), it can steal your sensitive information such as PIN numbers, usernames, passwords, access details for banks, credit cards, etc.
Tax scammers get especially busy after the filing date, which was deferred to July 15 in 2020 due to the pandemic. They usually buy the ready-to-use toolkits available on the dark web and pull off a phishing attack. The good news is you can protect yourself from such phishing attacks if you get the hang of how this works. So, here are the four hidden technologies behind tax phishing that will help you make better, informed decisions.
Tax Phishing via Emails
Tax phishing via emails has always been popular and quite threatening. Scammers pull off their phishing attacks by taking advantage of your fears, insecurities, and vulnerabilities. During recessions, for instance, the scammers know that most people worry about their jobs, savings, and financial security. Thus, they tend to send emails with subject lines such as ‘Self-Employment Income Support Scheme’ or ‘Important Tax Refund Notification’ to pique your interest. Once you open the email, click on a link or download an attachment, all your sensitive information and bank credentials get exposed to the attackers.
What exactly happens in the phishing scheme on an email?
The scammer registers a fake domain that imitates a genuine organization that people usually trust.
- Once the email is ready, the scammer sends out thousands of generic requests.
- The fake domain consists of character substitutions such as using ‘n’ instead of ‘m.’
- The scammers may also use the genuine organization’s name in the local part of the email address. It helps in earning the trust of recipients who might think the email is from a reliable source.
This technology has gained popularity among scammers, especially after the pandemic. For example, two well-known scams that used the name of trusted government aid programs mimicked the HMRC to steal sensitive details from people. Both the scams apparently offered lockdown support plans and a COVID-19 refund. As you can understand, both the programs are very relevant to the current situation, and hence many may have fallen prey to the scam.
Tax Phishing via News Agenda
Scammers are always on the lookout for recent news agendas. They use anything of national interest that is revealed in the news in their fake emails or even fake texts. Let’s say the news says that students should use an algebra calculator while solving mathematical problems. So, the scammers might send emails or texts to tons of people telling them that they can get free access to the calculator if they clicked on a particular link or opened a website.
You may see or read the news to understand what’s going on in the world. Scammers, however, keep a tab on the news to figure out what is it that incites fear, insecurity, and curiosity among people. They use that news to compel strangers to click on their fake links and eventually steal their sensitive information. The scammers tend to create a sense of urgency so that people get confused or scared and make a trivial errors.
Boris Johnson announced the vaccine rollout scheme around December 2020. Right after that, probably within minutes, phishing texts and emails were being distributed, thereby apparently offering the vaccine, which was a lie. Thankfully, these emails were deployed since the news channels made it viable in front of the whole world.
Tax Phishing via Mobile Devices
The easiest way for scammers to do tax fraud is via mobile devices. From shopping to paying bills, we do almost everything on mobile devices these days. There are at least seven to eight apps on all our phones. Most of the apps contain our email IDs, locations, etc. Thus, we are the most vulnerable when we are on our mobile phones.
Workplaces have gone digital after the pandemic struck. Most employees tend to access work-related applications and services from their mobile devices and use their Wi-Fi connection. This has created a loophole in the security system of multiple organizations. Now scammers can break into the system through work-related apps on mobile devices.
Tax Phishing via Text Messages
If you have a mobile phone, chances are you are familiar with text messages. You may even open them without a second thought. Scammers spoof the numbers from which they send messages. So, whenever they send you a spam message or a link, your phone might show the sender of the text as ‘HMRC’ instead of a phone number.
The related spam text messages look somewhat like this:
“You are eligible to receive a refund.”
Spam messages might give you a hint that the IRS owes you money and that you are eligible for a tax refund.
‘” Tax payment deducted from your account.”
Cybercriminals often send you text messages that owe the IRS a substantial amount of money.
These messages will eventually ask you to click on a link or visit a website. This website starts stealing your data as soon as you click on the link. The messages may look like they are from a trusted source, but that is how they are made to look to lure victims.
IRS Criminal Investigation noticed a sharp growth in tax phishing schemes as the world shifted towards the digital realm. People now spend most of their time online, thanks to remote working. It is easier for cybercriminals to get access to your personal data or sensitive information. They can send fake text messages, emails, or websites to steal your data. Now that you are aware of the various mediums they can try to reach you, you can be more careful.
Author bio: Anne Gill is one of the best assignment experts at a high school in London, UK. She is a part of the team of experts at myassignmenthelp.co.uk, where she offers assignment help to students on requests.