Researchers at Malwarebytes warn that cybercriminals are peddling stolen tax documents for as low as $4 per identity, with freshly stolen forms selling for $20 each. These documents allow threat actors to conduct refund fraud, using stolen personal information to claim victims’ tax refunds.
“Rather than harvesting data from scratch, fraudsters can simply purchase massive datasets of stolen Personally Identifiable Information (PII), complete with ready-to-use W-2 and 1040 forms,” the researchers write.
“For more sophisticated operations, Initial Access Brokers (IABs) auction off direct network access to compromised Certified Public Accountants (CPAs) and accounting firms. Beyond raw data and access, this underground economy provides a full suite of ‘fraud-as-a-service’ tools—including on-demand services to forge supporting financial documents and dedicated instructional hubs featuring step-by-step tutorials.”
Malwarebytes offers the following advice to help users avoid falling for these attacks:
- “File your taxes early. Submitting your legitimate tax return early makes it much harder for criminals to file one in your name first.
- Protect your Social Security number. Avoid sharing your Social Security number unless it’s absolutely necessary.
- Watch out for phishing emails and texts. Scammers often pose as the IRS, banks, or tax services to trick people into revealing personal data.
- Use strong, unique passwords. If criminals gain access to your email or financial accounts, they may be able to collect the information needed to impersonate you.
- Monitor your accounts and credit reports. Unexpected tax notices, rejected returns, or unfamiliar financial activity can all be warning signs of identity theft.
- Consider an IRS Identity Protection PIN (IP PIN). An IP PIN adds an extra verification step when filing your tax return, helping prevent criminals from filing in your name.”
Malwarebytes has the story.
