Quote: A credential-phishing email campaign is making the rounds, using the lure of coronavirus tax relief to scam people into giving up their personal information.
The data-harvesting cybercriminals are looking to take advantage of the Internal Revenue Service (IRS) deadlines that are approaching for consumers who haven’t received an Economic Impact Payment. While most Americans got their one-time $1,200 payment in the spring, those who don’t usually file tax returns (such as those on Social Security) weren’t automatically included in that payout. These individuals have until Nov. 21 to register for their assistance check. Meanwhile, taxpayers who requested an extension of time to file their 2019 tax return have a deadline of October 15.
The emails purport to contain an important document about COVID-19 relief funds from the IRS. Clicking the link in the email leads readers to a SharePoint form that they were told to complete before accessing the document, according to Chetan Anand, co-founder and architect at Armorblox.
The SharePoint form asks for email credentials, Social Security numbers, driver license numbers and tax ID numbers.
The sneaky use of the SharePoint form as an interim step helped the emails get past email gateways, Anand noted in a blog posted Wednesday.
“This email got past existing Office 365 email security controls because it didn’t follow the tenets of more traditional phishing attacks,” he wrote. “When victims clicked the link in the email, they were led to a SharePoint form that asked for email credentials along with a host of other personal information…Since the phishing link pointed to a legitimate SharePoint page, it got past any email security filters designed to block known bad domains. The familiar Microsoft branding on the page might also put victims’ minds at ease as they subconsciously buy into the legitimacy of the email. It’s worth noting the irony-laden footer asking people not to share passwords or give away personal information.”
Read more: https://threatpost.com/irs-covid-impact-...sh/159913/