Beware tax refund scam, Kaspersky warns

A wave of fraudulent tax refund letters was launched at unsuspecting taxpayers globally, according to Kaspersky’s Spam and Phishing Report for the second quarter of 2019.

The internet security firm says scammers want to make the most of the time of year when there are usually deadlines for tax submissions and taxpayers expect tax refunds.

In the second quarter of 2019, the average share of spam in the world’s email traffic was 55%, 5% higher than the average figure in the second quarter of 2018. The overall number of phishing attacks in the quarter rose by 21% compared to the figure a year ago, reaching 129,933,555.

China (23.72%) became the most popular source of spam, overtaking the US (13.89%) and Russia (4.83%).

During the second quarter Kaspersky experts detected multiple emails pretending to be offers for tax refunds in many countries.

When is it spam?

The fake tax refund letters usually contain an imminent deadline within which the taxpayer would have to take action.

For instance, the scammers urged victims to follow a link and fill out a form “immediately”. In another version, the taxpayer was given just 24 hours to respond, otherwise a tax refund “would not be possible”.

In this way, the criminals tried to steal valuable information, or in some cases, install dangerous spyware.

“Spam and phishing malicious letters usually contain links that lead users to a seemingly legitimate webpage, created by fraudsters and aimed at stealing various types of personal information,” explains the Kaspersky report.

“Seasonal spam and phishing can be extremely effective, since the emergence of such letters in a mailbox is sometimes wished and expected, unlike most ‘unique offer’-type scams.”

The tricked taxpayer might not even realise that it was a cyber attack and that they had been exposed, until it was too late.

Kaspersky offers the following tips:

  • Always check the link address and sender’s email before clicking on anything sent by them.
  • Check if the link address can be seen in the email and is the same as the actual hyperlink (the real address the link will take you to). This can be checked by hovering your mouse over the link.
  • Do not download and open email attachments that come from unfamiliar email addresses before scanning them with a security solution. If the email seems legitimate, it is best to check it by accessing the website of the organisation that supposedly sent it.
  • Never share your sensitive data, such as logins, passwords and bank card data, with a third party. Official companies will never ask for data like this via email.
  • Use a reliable security solution with behaviour-based anti-phishing technologies to detect and block both spam and phishing attacks and initiation of malicious files.

Article: Fin 24