Tax Scams Increase as Tax Season Approaches
Criminals are targeting users with a new scams that include leveraging remote desktop software and compromising small tax-prep company websites. E-mail scams are also in the mix this year, one in particular that uses the legitimate app, TeamViewer to take over victims' systems.
The attacks are emerging alongside the traditional e-mail based attacks that try to trick users into installing malware that can steal credentials or take control of systems. One of the new target tax scams uses the legitimate TeamViewer remote-control app to do its work. Other email-based attacks this year uses more traditional malware like the Trick banking trojan.
Hackers are focusing on smaller tax-preparation firms because smaller companies often have fewer resources and less expertise to prevent these attacks. If you have the word "Tax" in your domain name, you're likely to be targeted. Attacks on legitimate small-business sites targets ones with un-patched and out-of-date WordPress or other content-management installations to take control of the sites to distribute malware.
Hackers use these vulnerabilities to get access to the site, make changes to the pages so that it is not detected unless one views the raw html. This hides the compromise from visitors as well as site owners who don't know HTML well enough to recognize the change.
For users, treat all tax-themed attachments as potentially hostile to avoid these scams this year. For those who own tax preparation and accounting companies, keep your plugins up to date. Iy you are using a hosting company, make sure that they keep their sites patched and that they handle website security.