It’s income tax season in the United States, which means it’s income tax threat season—and the threats are out in force. Already, crafty schemes and dangerous threat campaigns that have fooled individual tax filers, and even businesses, are making headlines.
With the IRS again expecting that more than nine out of ten tax returns will be prepared electronically, cybercriminals are expecting a windfall of potential victims. People eager and emotionally invested in getting their hands on a tax return make attractive targets, and criminals are happy to exploit the convenience of popular e-filing systems such as H&R Block and TurboTax via phishing pages, domain infringement, and fake mobile apps.
With Tax Day less than a week away, RiskIQ is seeing a spike in these outside-the firewall-threats with attacks fooling consumers into downloading malware, using compromised sites, or giving up their login credentials and credit card information. To analyze the methods cyber threat actors are employing this tax season and where they're targeting their malicious efforts, RiskIQ ran a keyword query of the RiskIQ Global Blacklist and mobile app database looking for instances of terms related to the IRS and the brand names of ten of the leading tax filing software.
Download our research to find out how cyber threat actors are using these well-known brands specifically to exploit tax season via both web and mobile, including:
- Percentage of mobile apps purporting to be from the IRS and the top e-filing services are blacklisted.
- The amount of phishing and domain infringement events RiskIQ has detected leading up to Tax Day.
- Real examples of malicious apps and phishing pages targeting tax filing services and the IRS.
To get more information about Tax Day threats, schedule a demo, and find out how RiskIQ can help give you visibility into your organization's attack surface, contact us today. To learn more about RiskIQ research or the data used in this report, visit our blog or contact the RiskIQ research team at firstname.lastname@example.org.
The RiskIQ Intelligence Connector for Microsoft Azure Sentinel Is the Context-Rich Force Multiplier Security Teams Need
Digital initiatives have changed the enterprise attack surface and how organizations appear online, both to users and malicious actors. Meanwhile, the threat landscape has evo...