Sharp Increase Of Phishing "From" Dutch Tax Authority

belastingdienst - BICWikimedia CommonsCC-BY-SAThe Dutch Tax Authority saw a sharp increase in reports of phishing emails and text messages made to look like they came from the Tax Authority since the start of the coronavirus crisis. The number of reports is currently two to three times higher than normal, NOS reports.

The scammers, for example, send out texts or emails made to look like they came from the Tax Authority, saying their target has to pay outstanding taxes into provided bank accounts, often the accounts of money mules. Or the victim receives a link to a fake website, where they have to enter the DigiD login details. "But the Tax Authority never communicates by email or text message," Henk Hendriks of the Tax Authority said to the broadcaster.

The Tax Authority usually receives around 2 thousand reports of such phishing scams per week. "During the corona crisis, we saw a peak of between 10 thousand and 12 thousand reports per week," Hendriks said. That has since dropped to between 4 thousand and 6 thousand weekly reports. "The Tax Authority tries to block as many fraudulent domain names as possible, but it's like mopping with the tap open." 

According to Hendriks, the increase in phishing scams during the coronavirus crisis likely has to do with everyone having more time to be online. The figures are based on people reporting suspicious messages or emails they received to the Tax Authority. How many people fall for these scams, is unknown.

The coronavirus crisis also brought an increase of WhatsApp phishing scams, in which the perpetrator pretends to be a friend or family member of their target and asks for money for an emergency.  Source:

Will your users respond to phishing emails?

KnowBe4's new Phishing Reply Test (PRT) is a complimentary IT security tool that makes it easy for you to check to see if key users in your organization will reply to a highly targeted phishing attack without clicking on a link. PRT will give you quick insights into how many users will take the bait so you can take action to train your users and better protect your organization from these fraudulent attacks!

PRT-imageHere's how it works:

  • Immediately start your test with your choice of three phishing email reply scenarios
  • Spoof a Sender’s name and email address your users know and trust
  • Phishes for user replies and returns the results to you within minutes
  • Get a PDF emailed to you within 24 hours with the percentage of users that replied

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Ransomware Has Gone Nuclear Webinar

Get the latest about social engineering

Subscribe to CyberheistNews