Posted by - December 05, 2019

A large-scale threat campaign used several fake IRS websites to target over 100,000 people this summer. Researches at cloud security solutions provider Akamai, discovered that the phishing campaign used hundreds of different types of domains and URLS to imitate the Internal Revenue Service of the United States for over two months. Victims of this threat campaign were directed to a fake IRS login, asked to enter their email address and password, and were tricked out of offering personal information. The fake campaign in total used at least 289 distinctive domains and 832 URLS to target people from all over the world.

It also appears that the threat actors have targeted legacy websites. Katz, principal lead security researcher at Akamai expressed that he believes that a lot of the websites that hosts the IRS phishing page are legit websites that have been compromised and hijacked by cyber criminals mostly because of the public’s trust in these websites.  Katz also predicts that it is not a coincidence that the hacking began in August. Research has indicated that August is a good time for criminals to receive engagements from victim since it is a time for vacationing where victims have more  time to read personal email, open suspicious links and browse the internet.


If you are worried about fake websites for you or your company and would like to setup security awareness training, OptfinITy can help.  Give us a call at 703-790-0400 or via email at

Leave a Reply

Your email address will not be published. Required fields are marked *