IRS Warned of an Ongoing IRS-Impersonation Scam

The Internal Revenue Service (IRS) has cautioned of ongoing phishing assaults impersonating the IRS and targeting educational establishments. The assaults focus around colleges staff and understudies with .edu email addresses and use tax refund payments as snare to lure clueless victims. The IRS said the phishing emails “appear to target university and college students from both public and private, profit and non-profit institutions.”
It added that the suspect emails show the IRS logo and utilize different headlines, for example, “Tax Refund Payment” or “Recalculation of your tax refund payment.” Clicking on a link takes victims to a phony site that requests individuals to submit a form to claim their refund.
Abnormal Security researchers who detected these assaults in the wild, recently said that they circumvent Office 365 security and landed in the mailboxes of between 5,000 and 50,000 targets. “This impersonation is especially convincing as the attacker’s landing page is identical to the IRS website including the popup alert that states’ THIS US GOVERNMENT SYSTEM IS FOR AUTHORIZED USE ONLY’, a statement that also appears on the legitimate IRS website,” Abnormal Security revealed.
The phishing site requests taxpayers to provide their:
• Social Security number
• First Name
• Last Name
• Date of Birth
• Prior Year Annual Gross Income (AGI)
• Driver’s License Number
• Current Address
• City
• State/U.S. Territory
• ZIP Code/Postal Code
• Electronic Filing PIN
Hank Schless, Senior Manager, Security Solutions at Lookout, says, “At this time of year, attackers will pose as members of the IRS to socially engineer employees into sharing sensitive tax-related information such as social security numbers or bank account information.”
Schless adds, “Security teams should be protecting employees across all endpoints to ensure they don’t fall victim to a phishing attack or download a malicious attachment that compromises the organization’s entire security posture. These scams are most effective on mobile devices, and attackers know that and are creating phishing campaigns like this to take advantage of the mobile interface that makes it hard to spot a malicious message. People access their work email on a smartphone or tablet just as much as they do on a computer. Any text, email, WhatsApp message, or communication that creates a time-sensitive situation should be a red flag. Employees should approach these messages with extreme caution or go straight to their IT and security teams to validate it.”
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ... read more
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
AMD's fastest 6 core processor for mainstream desktop, with 12 processing threads Can deliver elite 100+ FPS performance in the world's most popular games Bundled with the quiet, capable AMD Wraith Stealth cooler 4.6 GHz Max Boost, unlocked for overc... read more
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
System ram type: DDR4_sdram
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)