SecureMac, Inc.

Checklist 369: Tax Scams and Password Attacks

March 29, 2024

In this episode, IRS uncovers tax scams, Apple users beware! Keep updated, keep secure!

The Checklist 369: Tax Scams and Password Attacks header image

Checklist 369: Tax Scams and Password Attacks

Tax Scams Targeting Thousands, Warns IRS

In a recent podcast discussion, concerns were raised over the alarming surge in tax scams, leaving thousands of individuals vulnerable to financial losses and identity theft, as highlighted by the Internal Revenue Service (IRS).

The IRS emphasized that scammers are employing various mediums including snail mail, email, and phone calls to perpetrate these fraudulent schemes. Notably, the IRS clarified that it does not initiate contact with taxpayers via email, text messages, or social media, except under specific circumstances like overdue tax bills or unfiled tax returns.

One prevalent scam highlighted involves fraudulent emails or texts claiming to be from the IRS, prompting recipients to disclose personal information or make false claims for refunds. Additionally, a new scam via mail, falsely offering unclaimed refunds, was exposed, warning recipients to avoid providing sensitive details such as Social Security numbers and bank information.

Moreover, taxpayers were cautioned against falsifying information on tax returns to claim illegitimate credits, as scammers often exploit this tactic to obtain significant refunds through electronic filing.

The IRS also cautioned against fraudulent charity solicitations and cautioned taxpayers to be vigilant against “ghost” preparers who do not sign tax returns they prepare, potentially indicating dubious practices.

Furthermore, deceptive advertisements promising to settle IRS debts through programs like Offers in Compromise (OIC) were flagged as misleading, often resulting in excessive fees without resolving the tax liabilities.

The podcast discussion shed light on IRS impersonation telephone scams, where aggressive callers posing as IRS agents demand immediate payment via unconventional methods like gift cards or wire transfers, often resorting to threats of arrest or license suspension.

Finally, listeners were urged to remain cautious of any calls claiming to offer refunds in exchange for personal information, reiterating the IRS’s stance on not initiating such communications.

The discussion was informed by official IRS alerts and guidelines, underscoring the importance of public awareness in combating tax scams.


Apple Users Targeted in Multi-Factor Authentication Scam, Warns Experts

Recent reports from a podcast discussion shed light on a concerning trend targeting Apple users, where scammers exploit the company’s multi-factor authentication system to trick victims into unauthorized password resets, as highlighted by The Register.

The scam typically begins with victims receiving numerous password reset notifications on their Apple devices, urging them to allow or reject the requests. According to AppleInsider, victims like AI entrepreneur Parth Patel faced relentless bombardment of such requests, potentially leading to user fatigue or accidental acceptance of the reset, granting scammers access to their Apple IDs.

Experts expressed concerns over the possibility of a bug in Apple’s systems enabling scammers to inundate users with reset requests. Krebs on Security raised questions about Apple’s response to the issue but has not received any official statements from the tech giant yet.

Moreover, after declining multiple reset attempts, victims have reported receiving phone calls purportedly from Apple’s support line. These calls aim to extract personal information and a one-time reset code under the guise of assisting users with security concerns. Patel’s encounter revealed that scammers possessed extensive personal data, raising suspicion about the data sources and the authenticity of the calls.

In response to these scams, experts recommend cautious handling of reset requests and vigilance against unsolicited calls posing as Apple support. Krebs on Security suggests advanced mitigation strategies such as changing Apple ID phone numbers to less-known VOIP numbers, albeit with potential drawbacks like disabling iMessage and Facetime.

Meanwhile, The Register offers simpler advice, emphasizing the importance of skepticism towards unexpected calls and urging users to hang up on suspicious inquiries claiming to be from Apple or its support services.

As the scam underscores the importance of user awareness and security practices, Apple users are encouraged to remain vigilant and adopt precautionary measures to safeguard their accounts against such fraudulent activities.

source: The Register

Get the latest security news and deals