Security Awareness – Phishing Scams Continue Leveraging Tax Season Lures

Threat actors continue leveraging the U.S. tax season across multiple campaigns to scam unsuspecting victims. Last week, WaterISAC reported on a tax-themed phishing campaign that led to Emotet infections. Other common tax-related scam includes fraudsters calling victims on the phone pretending to be from the IRS and then pressuring victims to provide personal identifiable information (PII) or scaring them into giving out credit or debit card details to make a fraudulent payment. Additionally, threat actors are spoofing popular financial technology applications, like Stash and Public, to fool victims into divulging their credentials and other PII. To defend against this activity, members are encouraged to carefully scrutinize suspicious emails and are reminded that the IRS will never contact via phone or email and ask you to reveal personal information or make a payment. Read more information on tax scams at HelpNetSecurity.