viralamo

Menu
  • Technology
  • Science
  • Money
  • Culturs
  • Trending
  • Video

Subscribe To Our Website To Receive The Last Stories

Join Us Now For Free
Home
Technology
Researchers see spike in “out of season” IRS-impersonating phishing attacks
Technology

Researchers see spike in “out of season” IRS-impersonating phishing attacks

23/11/2019

A fake IRS site used in a set of phishing campaigns observed by Akamai from August to October.
Enlarge / A fake IRS site used in a set of phishing campaigns observed by Akamai from August to October.

Akamai

Tax return scammers usually strike early in the year, when they can turn the personal information of victims into fraudulent tax refund claims. But members of Akamai’s threat research team found a recent surge in “off-season” phishing attacks masquerading as notices from the Internal Revenue Service, targeting over 100,000 individuals. The attackers used at least 289 different domains hosting fake IRS websites—the majority of them legitimate sites that had been compromised. This wave of attacks came as the October 15 deadline for people who had filed for extensions approached.

According to a post by Akamai’s Or Katz, the phishing campaigns kicked off in the second half of August, with the majority of victims targeted between August 22 and September 5. But the campaigns continued to be launched into early October. Each of the fake websites used visually identical HTML pages, with randomly generated style tags and other content, in an attempt to throw off signature detection by security software.

Most of the domains were active for fewer than 20 days. However, a significant number of them remained active after a month—undetected by the owners of the sites. “The lack of maintenance on legacy websites, as well as the challenges of patching and removing injected content, explains the duration over which phishing pages can remain active,” Katz wrote.

This is consistent with research into phishing infrastructure done by Ars, as well as other research by Akamai. Because of their age—and the lack of attention paid to them by their owners, who often pay someone to set them up and then forget about maintaining them—older sites based on “legacy” versions of WordPress and other content management systems are a prime target for phishing operators, as they have a higher reputation score than freshly minted domains. Depending on the degree to which the site is compromised, they can even create subdomains and register their own certificates for the phishing site.

With these sorts of scams propagating all year, it’s worth reminding friends and family that the IRS will not email you or call you about overdue taxes or any other matter—those notices will only come by paper postal mail, usually by certified mail. So just don’t click.

Source link

Share
Tweet
Pinterest
Linkedin
Stumble
Google+
Email
Prev Article
Next Article

Related Articles

The Steam Controller is dead, but its legacy lives on
Valve Software is putting an end to one of its …

The Steam Controller is dead, but its legacy lives on

Original Content podcast: ‘The Crown’ embraces middle age – TechCrunch
“The Crown” has returned to Netflix with a new cast …

Original Content podcast: ‘The Crown’ embraces middle age – TechCrunch

Leave a Reply Cancel reply

Find us on Facebook

Related Posts

  • Millions of SMS messages exposed in database security lapse – TechCrunch
    Millions of SMS messages exposed in database …
    01/12/2019
  • PlayStation reduces TV ads in November as game industry boosts spend to $62.7 million
    PlayStation reduces TV ads in November as …
    08/12/2019
  • Google CEO Sundar Pichai is now CEO of Alphabet, too
    Google CEO Sundar Pichai is now CEO …
    04/12/2019
  • Berlin-based streaming guide JustWatch acquires New York rival GoWatchIt – TechCrunch
    Berlin-based streaming guide JustWatch acquires New York …
    09/12/2019
  • Workers at Israeli surveillance firm NSO sue Facebook for blocking their personal accounts
    Workers at Israeli surveillance firm NSO sue …
    28/11/2019

Popular Posts

  • Sproutt raises $12 million to find your best life insurance policy with AI
    Sproutt raises $12 million to find your …
    11/12/2019 0
  • 10 Things Your Ancestors Did Better Than …
    20/11/2019 0
  • 60 Stunning Images Of South Asia – …
    20/11/2019 0
  • 10 Ways Slaves Will Work For You …
    20/11/2019 0
  • Top 10 Gruesome Facts About Edmund Kemper …
    20/11/2019 0

viralamo

Pages

  • Contact Us
  • Privacy Policy
Copyright © 2019 viralamo
Theme by MyThemeShop.com

Ad Blocker Detected

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

Refresh
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.I AgreePrivacy policy