Tax Fraudsters Target Domain Names -- Is Yours At Risk
Published: May 1, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
With sports on the back burner since coronavirus, it’s an unusual double-play season this year for hackers. The current tax time, including the extension to July 15, is running right alongside with coronavirus scams. It’s a bit like the wild west on steroids, with hacking attacks set to hit record numbers this year. At the moment, hackers are looting the “Domain Train” to find what domain names they can compromise or fake. Now more than ever, with domain spoofing on the rise, it’s important to know if your domain name is safe from spoofing and fraud. Be aware that phishing emails are the primary source of delivery for spoof domains.
When a domain name is spoofed, or impersonated, it zeros in on a user’s ability or more accurately, inability to tell the difference between email from trusted vendors, co-workers, and business contacts. Sneaky scammers create domain name lookalikes that are difficult to notice unless one is very carefully inspecting every character in a domain name. When a spoof happens, the user is quickly redirected to a lookalike web page that is virtually impossible to distinguish from the real thing. The goal of a spoof site is to steal as much PII (personally identifiable information) as it can, including passwords and payment information, tax returns, Social Security numbers, bank accounts, and other valuable information.
Valimail, a company that provides email verification, studied the public Domain Name System (DNS) for 200 domain names it thought were most likely to be spoofed for tax fraud. They found the majority of the them vulnerable to phishing, business email compromise (BEC), and W-2 PII scams. They report finding 78% of the domain names aren’t protected with Domain-based Message Authentication, Reporting, and Conformance (DMARC). As a result, those domains are vulnerable to spoofing…that begins with email phishing.
As far as DMARC performance, the Federal government came out on top of the tax fraud heap, with five of six agencies protected with DMARC. However, 49 out of 55 state tax agencies surveyed don’t have DMARC policies. Analysis of the public sector found 44% of tax preparation services are DMARC protected, while 77% of the 2019 Fortune 100 are not.
Valimail offers a free service on their home web page to check if a domain name is vulnerable to spoofing. Other companies, such as Stickley on Security, can even find potential target domain names for your business and buy them on your behalf, preventing cybercriminals from using them. According to Vailimail’s CEO, Alexander Garcia-Tobar, “…individuals may be counting on a quick tax return, or they may be confused about the recently changed tax filing deadline.” Also, “This makes people all the more susceptible to convincing tax scams, and cybercriminals are always willing to take advantage of uncertainty.” Make sure your domain name isn’t one of them. And as always, remind users to keep an open to potential phishing emails in their inboxes.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org