It’s early Monday morning. You slump into your office chair and try to focus on your monitor over the rim of an oversized cup of coffee. Through bleary eyes, you discover an email from the IRS that says you underreported your income. Scrubbing away sleep with the back of your hand, you open it to find a link with instructions for reviewing your tax statement.
It’s a ransomware phishing scam.
What are ransomware phishing scams?
Ransomware is a type of malware that locks victims out of their device, demanding a ransom—often in Bitcoin or some other virtual currency—for the key that unlocks the data. These malicious programs are often spread with phishing emails that include links that directly install the malware on your device. Even worse, ransomware can automatically spread to other devices that are connected to the same network.
What is being done to combat ransomware scams?
Combatting any scam requires a combination of prevention, deterrence, and hindrance. That means everyone has to work together to reduce the threat, from individual taxpayers to government agencies.
For starters, everyone should follow a basic data security checklist:
- Avoid clicking on email attachments and hyperlinks, social media ads, and website popup messages.
- Create unique, strong passwords for all online accounts.
- Exclusively visit trusted websites when conducting business, shopping online, or just browsing the web.
- Keep all locally installed software updated.
- Use security software, like antivirus and antispyware applications, firewalls, and VPNs.
Remember, accounting and tax professionals are required by law to create and maintain a written data security plan for their practice. If you’re not sure where to start, the Internal Revenue Service is a great resource.
The IRS and its partners in the Security Summit have been raising awareness of a variety of identity theft tax refund fraud scams since the Summit’s inception in 2015. When ransomware appeared, they were quick to warn taxpayers and tax professionals of the risks for that scam and everything else that has crossed their desk before and since. (The example in the intro comes from a June 2020 press release.)
The Treasury Department this week announced a pair of advisories for financial institutions that lump ransomware payments in with similar money laundering schemes, making it more difficult for criminals who rely on ransomware phishing scams to steal money and generally make life harder for hardworking Americans.
Here are a couple of quotes from the October 1 Treasury press release:
- FinCEN issued an advisory, entitled Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments, to provide information on the role of financial intermediaries in payments, ransomware trends and typologies, and related financial red flags. It also provides information on effectively reporting and sharing information related to ransomware attacks.
- OFAC also issued an advisory, entitled Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments, to highlight the sanctions risks associated with facilitating ransomware payments on behalf of victims targeted by malicious cyber-enabled activities.
Even if victims try to pay these extortionists in an attempt to retrieve important business documents and irreplaceable family photos and videos, financial organizations should keep the purse strings tied tight. Besides, there’s no guarantee that payment would actually result in criminals releasing your information, but you can bank on them having already posted it on Dark Web auctions. In other words, you probably shouldn’t trust the word of criminals.