Patrick Tiquet, a vice president at Keeper Security, noted that cybercriminals can now create realistic video and audio impersonations of IRS agents, tax professionals or even family members, tricking individuals into divulging information like Social Security numbers or tax credentials. Deepwatch CISO Chad Cragle and several others separately confirmed that they are seeing an increase in AI-driven attacks this tax season, particularly with convincing phishing emails and deepfake audio designed to impersonate trusted tax officials. Cragle added that attackers are replicating voices to deceive victims over the phone and are offering to help victims create IRS online accounts, prompting them to hand over sensitive financial information. Cragle said counterfeit sites are leveraging SEO poisoning, altering search engine rankings to seem legitimate and lure in victims while Ellis added that cybercriminals are also exploiting unpatched vulnerabilities in tax software or third-party integrations. Artificial Intelligence has supercharged an array of tax-season scams this year, with fraudsters using deepfake audio and other techniques to intercept funds and trick taxpayers into sending them financial documents. These scams are designed to steal login credentials, Social Security numbers and other sensitive financial information, Smith said. Cybercriminals have long used tax season lures during the first four months of the year, but multiple cybersecurity experts have recently pointed to one worrying update to the schemes: AI-enabled voice phishing attacks. Experts also spotlighted a panoply of phishing sites and spoofed platforms designed to take advantage of people searching for terms like “Trump tax refund” or others looking for well–known tax companies like H&R Block. “Between February 12 and 28, 2025, tax-themed phishing emails were sent to over 2,300 organizations, mostly in the United States in the engineering, IT, and consulting sectors,” Microsoft said, noting that the emails were empty but had PDF attachments with QR codes linking to malware. Zimperium’s Kern Smith said he has seen a rise in mobile-first attacks, where attackers send texts posing as the IRS or a tax service, urging recipients to click on malicious links or download fake apps. Hackers are using AI-generated audio to pretend to be a person’s tax preparer, accountant or the IRS — using previously stolen personal information to lend credence to the scam. People should also verify identities before handing over information and refuse any demands that sound urgent, either over the phone or in emails.
This Cyber News was published on therecord.media. Publication date: Mon, 14 Apr 2025 14:15:28 +0000