The Internal Revenue Service (IRS), in conjunction with local tax agencies in the United States, has warned of a new variant of fraud in which criminals try to take advantage of victims to disclose their bank details arguing that they could be beneficiaries of an Economic Impact Payment for $1200 USD.
Local governments, industry and the IRS act together at what is known as the Security Summit, encouraging taxpayers to take a more cautious stance on these scam attempts and constantly reminding them that these agencies never request confidential information. Still, many users remain victims of similar scams.
Chuck Rettig, commissioner of the IRS, says hackers are taking advantage of all issues related to COVID-19 disease to try to trick taxpayers: “This scam has taken a major turn, we ask taxpayers to remain alert to any attempted fraud,” Retting says.
This specific scam signals the use of text messages where hackers claim that the user has received a direct deposit of $1200 as part of the “COVID-19 TREAS FUND”. Subsequently, threat actors ask the user to take additional actions to complete the transaction, which must be completed via a phishing link attached to the message.
This fake phishing URL, which appears to come from a state agency or aid organization, takes recipients to a fraudulent website that pretends to be IRS.gov’s Get My Payment website. Scammers will collect information from people who visit the fraudulent website and then enter their personal and financial account information.
The IRS does not send unsolicited text messages or emails, nor does it send people documents with legal threats or pear to demand payment for alleged late payments. In case of detecting any attempted scam, it is recommended to notify the IRS and under no circumstances share personal information with third parties.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.