NJCCIC Alert about Tax Season Scams
The federal tax filing season began this week and threat actors are quickly targeting taxpayers. The NJCCIC observed phishing campaigns attempting to be delivered to New Jersey State employees, with the intent to download and install malware. Threat actors spoofed the sender’s display name to a known source or entity to convince the recipient to trust the email without verifying its legitimacy. The sender’s display name is purported to be from the Internal Revenue Service (IRS); however, upon further inspection, the sender’s domain name was “irs.com” instead of the legitimate “irs.gov.” Additionally, the email signature claimed to be the “Government department” in the IRS to add a false sense of legitimacy and authority.
The subject line displayed “Information Regarding Your Tax Form” to convince their target to open the email and take action. Although the email referenced an attached “TAXFORM.pdf,” it contained an attached Microsoft Word name “Tax Form.doc” that, if clicked, downloads and installs malware. In addition to the IRS, threat actors may also spoof popular tax brands to trick their victims into divulging sensitive information, which can then be used to file fraudulent tax returns, collect refunds, and engage in other identity theft schemes. Additionally, companies required to provide customers with tax documents may also be impersonated in attempts to convince victims into opening malicious links or attachments.
The NJCCIC recommends users and organizations educate themselves and others on these continuing threats and tactics to reduce victimization. The IRS does not initiate contact with taxpayers by email, text messages, or social media channels to send or request personal or financial information. Please review the NJCCIC Product Beware of Tax Scams to learn more about common tax scams—including tax identity theft, IRS impersonation scams, and fraudulent tax preparer scams—and cybersecurity best practices to help protect your identity, data, and tax refunds. Additional tax scams and consumer alerts can be found on the IRS website.