Tax-related themes are frequent lures for phishing emails and websites. Sunnyvale, Calif.-based Proofpoint revealed cybercriminals expanded their attack methods this tax season to include ransomware, malware, malicious documents, and social engineering.

In a blog the cybersecurity firm reported scammer expansion beyond traditional phishing lures to get sensitive information access. These additional attack methods include using email subject lines, which highlight a new IRS policy, a loyalty tax refund, and electronic filing; posing as tax companies to steal personal details; and a recent campaign promising a quick online refund process after providing bank account information.

Proofpoint reported tax-themed email campaigns encapsulate the broader trends highlighted in its 2016 Threat Report: large-scale distribution of ransomware via email, geographic targeting of banking Trojans, variation of payloads, and increasing adoption of URLs in place of document attachments.

Continue Reading for Free

Register and gain access to:

  • Breaking credit union news and analysis, on-site and via our newsletters and custom alerts.
  • Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders.
  • Educational webcasts, white papers, and ebooks from industry thought leaders.
  • Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, and

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Roy Urrico

Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).