During the second quarter of 2019 Kaspersky experts detected multiple mailshots pretending to be offers for tax refunds worldwide. This period traditionally used as a deadline for filing tax returns and refunds in many countries. Using the scheme criminals, were trying to steal valuable information, or in some cases, install dangerous spyware. This and other findings are revealed in the Spam and Phishing in Q2 2019 Report.
Spam and phishing malicious letters usually contain links that lead users to a seemingly legitimate web-page, created by fraudsters and aimed at stealing various types of personal information. Attacks of this type are becoming more common in Thailand — in Q2 2019 over 9% of users in the country were infected, compared to 7% during the same period last year. These mailshots often exploit seasonal activities to strike victims harder than usual fraudulent tricks, as there is less awareness around them compared to permanent threats. What’s more, in the case of temporary disguises, scammers can use one of the most effective social engineering techniques – giving a limited amount of time to act, justifying it with the real-life circumstances, and therefore tilting the victim towards making spontaneous decisions.
The detected wave of tax refund fraud came under the guise of tax refund letters with short expiration dates. For instance, malefactors used fake major UK tax services to urge victims to follow the link and fill out the form immediately, while emails under the guise of the CRA (Canada Revenue Agency) were giving the recipient just 24 hours to respond, otherwise a tax refund would not be possible.