Stressed Taxpayers Bombarded with Scam Emails

A scam email campaign is being blasted out, preying on taxpayers weary of the trials and tribulations of tax preparation. This particular email hits at the common fear taxpayers have of making a grievous mistake in their tax returns and incurring the wrath of the IRS.

WannaCry revisited?

The email begins with the statement, “Forward this mail to whoever is important in your company and can make decision.”

The attackers say they have evidence of tax evasion or other fraudulent tax-related activities.

The email goes on to warn the victim that they will be on the receiving end of a cyber attack onslaught, including a DDoS attack and the dreaded WannaCry ransomware, if they don’t comply with the attackers’ demands.

The attackers are asking for two bitcoins, which is roughly $10,000. Cryptocurrency has become the payment method of choice of cybercriminals due to its untraceable nature.

What they’re demanding is essentially hush money for the supposed illicit financial activity. This concept is quite similar to other scam campaigns, such as those where attackers claim they have evidence of infidelity or webcam footage of you.

Phishy red flags

Right of the bat, there’s evidence of a scam. The attackers are fishing (phishing?) for the person in charge. They don’t know. If they have this supposed tax evasion evidence, they would most certainly know what’s going on.

They make mention of intercepted documents and data, but these are extremely vague statements.

A classic pressure tactic is to mention a countdown. The attackers claim they can see when a message is opened and will start the march towards the infection deadline when this happens. The attackers want you in a state of panic so you may be more apt to perform rash actions.

There’s nothing in the samples found by security researchers that shows any specificity, just blanket statements. This is a classic scam email, and it should be avoided.

Staying safe

User awareness and basic cybersecurity training is a must for all businesses.

“If you own a business, you absolutely have to educate yourself and your staff on current cyber threats,” said Brian Walker. “All it takes is one user to make a mistake for a cyber incident to occur. We’ve seen this happen over and over.”

“Thrive provides many security services, such as managed firewalls, backups, and enhanced breach protection at the DNS level,” said Aaron Allen. “We also provide security training for your staff, as well as phishing and penetration testing to evaluate your susceptibility to attack.”

Thrive’s security testing can indeed illuminate heretofore unidentified attack vectors, and many of our customers have benefited from the knowledge gleaned during these tests.

“For the ultimate in IT security and service, trust Thrive.” said Walker. “We’ll handle all your IT and network security for one fixed fee. Contact us today!”