Alerts E-Threats

Phishing and Adware Marks US Tax Season

Bitdefender has detected two types of scams that impersonate the Internal Revenue Service to phish for US citizens identification data as the country nears the end of tax season.

The refund phishing scams promise users thousands of dollars in tax rebates and silently steal sensitive authentication data through phishing forms. The collected info is likely later sold on underground markets and used to steer rebate money into unauthorized accounts.

The bogus messages contain either links that open fraudulent websites or fake registration forms sent as attachments to collect sensitive data about taxpayers that will eventually help fraudsters impersonate the innocent or even collect tax refunds in their names. The IRS unintentionally refunded $4 billion to identity thieves in 2011, according to a report by the Treasury Inspector General for Tax Administration.

Once someone gives away information such as full name, date of birth, address, phone number, card number and expiry date and security code, there is no stopping the crook from steering victims’ tax returns toward their accounts or impersonating them in future fraud.

Security researcher Brian Krebs writes that the data needed for such fraud can be found in underground “shops” where crooks purchase lists of people’s identification data. Such a forum can sell data from tens of thousands or even millions of Americans.

US citizens who think they might have fallen victim to an identity theft or work with a company that reported a security breach should contact the Identity Protection Specialized Unit of the IRS toll-free at 1-800-908-4490 and let them know of the suspicion.

Another protection step would be applying for a taxpayer-specific PIN that will be required anytime a tax related claim is filed. To apply for such a PIN, check the IRS’s dedicated webpage here.

Further information on how to protect your identity and avoid tax fraud is provided by the Federal Trade Commission homepage.

This article is based on spam samples provided courtesy of Ionut-Daniel RAILEANU, Bitdefender Anti-Spam Researcher.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

About the author


A blend of teacher and technical journalist with a pinch of e-threat analysis, Loredana Botezatu writes mostly about malware and spam. She believes that most errors happen between the keyboard and the chair. Loredana has been writing about the IT world and e-security for well over five years and has made a personal goal out of educating computer users about the ins and outs of the cybercrime ecosystem.