From the Security Experts

April 14, 2009

Taxpayers Beware: Cyber-Criminals Seek to Intercept IRS Filings

By SIP Trunking Report Editor

Fears of an April Fools’ Day attack by the so-called “Conficker” worm – fears that were confirmed this week when 700 computers at the University of Utah were attacked – raised the profile of the potential for cyber-criminals to enter networks and siphon off private information.

Now, on the eve of tax day, experts are telling TMCnet that U.S. residents must be extra-vigilant when using electronic filing systems to get their forms into the IRS.
According to Ron Meyran, product marketing manager of security for integrated application delivery solutions provider Radware Ltd., there are two major risks associated with e-filing: information theft and identity theft.
“The question is: Where are the risk points?” Meyran told TMCnet in an interview. “Assuming the IRS is quite secure, the risk is in two places, because taxpayers are either filing directly or through an accountant. A lot of users’ information is going to an accountant, so it’s probably stored on a secure computer and then transmitted using a secure channel to the IRS.”
In recent weeks, Meyran said, Radware has seen several phishing scams online – such as those offering free filing services. To protect themselves, users should start with a copy of Microsoft Windows’ antivirus and register to a secured – rather than a regular – Internet connection.
“The second major point I would make is about basic education,” Meyran told TMCnet. “Just don’t believe that anything is offered for free.”
It’s a problem that experts today are saying is growing exponentially.
As TMCnet reported, officials with one Cupertino, California-based security, storage and systems management solutions provider say they’re seeing malicious code grow at a record pace.
Officials with Symantec Corp. say in a new report that the malicious code primarily targets computer users’ confidential information.
According to Stephen Trilling, vice president of the company’s security technology and response group, Symantec also is seeing attackers shift away from mass distribution of a few threats to micro-distribution of millions of distinct threats.
“Cybercriminals are profiting from creating and distributing customized threats that steal confidential information, particularly bank account credentials and credit card data,” Trilling said. “While the above ground economy suffers, the underground economy has remained consistently steady.”
That recalls some of what TMCnet heard recently from the world’s largest maker of computer networking gear. Officials at Cisco Systems Inc. say that cyber-criminals’ attacks are becoming more targeted and sophisticated.
Also, security experts from Google Inc. told us in an interview here that spammers are leveraging people’s fears in this down economy.
Here’s a look at new malicious code threats, according to Symantec:

Even with the risks associated with e-filing, Meyran said, the system should be seen as at least as secure as snail mail.
“Mail is easily tracked and copies can go anywhere,” he said. “The best way is simply to use a secure channel.”
For Chas Roy-Chowdhury, a London-based accountant who serves as head of taxation for the Association of Chartered Certified Accountants, professionals are well aware of security issues and are less likely to be duped by phishing scams.
Though it would seem that sending information to an accountant is an extra step that increases security risks, taxpayers generally send their accountants raw data that isn’t much use to cyber-criminals in that form.
“If there is any intercept between you and the accountant, it’s not as dramatic a consequence for you as if the final product or file went to the incorrect Web site,” Roy-Chowdhury told TMCnet.
Right now, he said, cyber-criminals are trying to leverage headlines about potential savings in the economic stimulus package that President Barack Obama signed into law, or other “newsy” items, to lure taxpayers into traps.
“We have groups that are trying to mimic the IRS, scams where e-mails are saying to the taxpayer making out that they’re from the IRS when in fact, on close inspection, you can see that they’re not coming from a ‘.gov’ address,” he said. “These are the kinds of phishing scams that accountants are better prepared to identify. As a group, we are far more streetwise to tax filing scams than your average taxpayer.”

Don’t forget to check out TMCnet’s White Paper Library, which provides a selection of in-depth information on relevant topics affecting the IP Communications industry. The library offers white papers, case studies and other documents which are free to registered users.

Michael Dinan is a contributing editor for TMCnet, covering news in the IP communications, call center and customer relationship management industries. To read more of Michael's articles, please visit his columnist page.

Edited by Michael Dinan