RiskIQ’s 2019 Tax Season Threat Roundup

30% of Mobile Tax Filing Apps are Blacklisted

With the IRS again expecting that more than nine out of ten tax returns will be prepared electronically, people eager to get their hands on a tax return make attractive targets for attackers.

Criminals are taking advantage of the convenience of popular e-filing systems such as H&R Block and TurboTax via phishing pages, domain infringement, and fake mobile apps. RiskIQ is seeing a spike in these outside-the firewall-threats that are fooling consumers into downloading malware, using compromised sites, or giving up their sensitive information.

To analyze the methods threat actors are employing this tax season, RiskIQ ran a keyword query of the RiskIQ Global Blacklist and mobile app database looking for instances of terms related to the IRS and the brand names of leading tax filing software.

Download the 2019 Tax Day Threat Roundup for:

  • Percentage of mobile apps purporting to be from the IRS and the top e-filing services that are blacklisted.
  • Amount of phishing and domain infringement events RiskIQ has detected leading up to Tax Day.
  • Real examples of malicious apps and phishing pages targeting tax filing services and the IRS.

Get the Report