At a glance.
- It’s hunting season for tax fraudsters.
- Judge rules against class action lawsuit for CareFirst breach.
- Top FBI official speaks out in support of Section 702.
It’s hunting season for tax fraudsters.
It’s the height of tax season in the US, and as usual, cybercriminals are finding ways to take advantage of businesses and individuals who are focused on filing their taxes in a timely and lawful manner. The researchers at Trustwave SpiderLabs offer a breakdown of some of the most common trends in tax scams so far this year. The top two file extensions used in tax season email scams are .htm and .html (62%), likely because they allow fraudsters to create convincing fake web pages with diverse content. As for the most popular schemes, IRS impersonation tops the list, with cybercriminals posing as Internal Revenue Services representatives sending phishing emails or text in an attempt to trick targets into handing over confidential information.
Another popular tactic is using tax documents to deliver malware. In one recently observed scam, the attacker sent the target an email including a .docx file called ‘W2-2022.docx,’ stating the document contained important tax info. Instead, opening the file connects the victim to a malicious website that installs infostealer malware. Other scams attempt to convince targets they’re wanted for tax evasion, and some fraudsters even resort to old-school methods like snail mail or even faxing in order to communicate with potential victims. In order to protect yourself, experts recommend that users always verify the authenticity of any sender’s email address and refrain from clicking on any suspicious links. As well, avoid sharing any personal information, especially Social Security numbers, and stay educated about the latest scams.
Judge rules against class action lawsuit for CareFirst breach.
Earlier this week a Washington, DC Circuit Court judge determined that three data breach lawsuits being filed against CareFirst will not be consolidated into a class action filing. After a phishing scam successfully duped a CareFirst employee into handing over his credentials, the health insurance giant experienced a 2014 cyberattack that potentially exposed the data of 1.1 million patients, SC Media recounts. The lawsuits claim that “CareFirst committed a host of errors that allowed the hackers to access the company’s data and remain undetected for a prolonged period of time, including failing to reset passwords on certain company accounts, disable local administrator accounts, perform a password reset… install two-factor authentication,” among other accusations. The judge in question, however, declined the effort to consolidate the cases, stating “it would impermissibly sweep” individuals into the suit who have not experienced actual harm.
Top FBI official speaks out in support of Section 702.
As we’ve previously discussed, Section 702, a US that authorizes government surveillance, permitting warrantless collection of data on foreign targets, is poised to expire at the end of the year. As a result, there has been much debate over whether the program should be extended, and the Washington Post reports that a top Federal Bureau of Investigation (FBI) official voiced her support for the program earlier this week. Speaking at the Aspen Verify conference on Wednesday, assistant director of the FBI’s directorate of intelligence Tonya Ugoretz stated, “It really is one of our most important national security tools for not only cyber, but really any type of national security threat.”
Among other things, opponents of Section 702 note that the data of American citizens often get swept up in investigation queries, which could be considered a violation of privacy rights. Ugoretz noted that introducing barriers preventing search queries would impede necessary investigations. She backed up her claim by describing a theoretical scenario in which preventing the issue of a warrant for Section 702 could prevent intelligence officials from obtaining the data necessary to catch the perpetrators of a ransomware attack. She explained, “We often see that foreign cyber actors conduct extensive research, reconnaissance, etc., when they are targeting in the U.S. that in the times when that information becomes known to use through 702 collection, but because the information is US personal information that we are querying is not the target of investigation, we would not be able to meet the standard for a warrant.” Jeff Kosseff, an associate professor in the US Naval Academy’s Cyber Science Department, recently argued in support of such warrant standards. “While the intelligence community is correct that such requirements can slow down intelligence operations or criminal investigations, the same can be said of nearly any restriction on government surveillance,” he stated.