It is that time of the year again: time to wait anxiously for W2s and 1099s to arrive, then feverishly compile figures and look for deductions to try and get back as much of your money from the IRS--or Her Majesty's Revenue and Customs (HMRC)--as possible. Do you know what that means? That means it is also time for attackers to capitalize on tax season with malware and phishing scams.
In the United States, we have an extra few days to drag out tax season before the final deadline at midnight on April 18. It was delayed this year because...well, no reason really. I guess the IRS and the post office didn't want to work late on Friday? But, for my friends across the pond in the United Kingdom, the HMRC deadline is midnight on this coming Monday, January 31--so, let the games begin!
Phishing e-mails are circulating, claiming that a miscalculation has been detected and that the recipient is owed a larger refund. Fred Touchette of Appriver explains the new tax season threat. "The scammers see this as an opportunity to possibly catch some people slipping even though this most recent scam is targeting people who are already expecting a refund.
To obtain the increased refund, recipients are directed to open the e-mail file attachment titled "Tax.Refund.New.Message.Alert.HTML." The resulting Web page appears to be the actual HMRC site, but is actually generated locally. The form requests sensitive information such as credit card details and mother's maiden name in order to process the refund.
While this attack is specific to the United Kingdom, there will be others--both in Europe and in the United States. I realize it is difficult not to get excited, or at least be a little curious, when you receive an e-mail claiming you are owed money, but these tax spam phishing attacks are no better than e-mails from exiled Nigerian princes offering you millions. The only difference is that the amount of money is a more reasonable--hence, more believable--figure aimed at catching even skeptical victims with their guard down.