Beware of Fake IRS Websites: Over 100,000 People Targeted in Recent Phishing Scam
This past summer, a large-scale phishing campaign exploited fake IRS websites to target over 100,000 individuals worldwide. Researchers from Akamai, a cloud security solutions provider, uncovered that the threat actors operated the campaign for more than two months, using hundreds of deceptive domains and URLs to impersonate the Internal Revenue Service (IRS) of the United States.
How the Phishing Scam Worked
Victims were directed to fake IRS login pages where they were prompted to enter their email addresses and passwords. These fraudulent sites also sought to extract personal information from unsuspecting users. In total, the campaign utilized at least 289 unique domains and 832 URLs to carry out its attacks.
Legacy Websites and Public Trust Exploited
One of the alarming aspects of this campaign is its reliance on compromised legacy websites. According to Katz, principal lead security researcher at Akamai, many of the sites hosting these IRS phishing pages were legitimate websites that had been hijacked by cybercriminals. “These sites were likely targeted due to the public’s inherent trust in them,” Katz explained.
Why August Was Chosen
Interestingly, the campaign’s timing appears to be strategic. Research indicates that August is a prime time for phishing attacks as it coincides with vacation season, a period when people are more likely to check personal emails, click on suspicious links, and browse the internet. Katz believes this timing was no coincidence and highlights the importance of staying vigilant, especially during periods of increased online activity.
Protect Yourself and Your Business
If you’re concerned about the risk of falling victim to fake websites or phishing scams, security awareness training is an essential defense. OptfinITy can help safeguard your personal and business information through comprehensive training programs designed to educate and empower users.
Contact us today at 703-790-0400 or email us at sales@optfinity.com to learn how we can help protect you from cyber threats.
Leave a Reply