DNSFilter Finds Surge in Tax-Related Scams as Tax Day Approaches
Uncategorized

DNSFilter Finds Surge in Tax-Related Scams as Tax Day Approaches


DNS security experts share insights to help organizations and taxpayers stay safer

WASHINGTON, March 13, 2025 /PRNewswire/ — As tax season 2025 ramps up, cybercriminals are trying to exploit unsuspecting taxpayers. Data from DNSFilter reveals a significant surge in tax-related scams in the lead-up to the tax filing deadline.

New services and changes introduced by the IRS this year are adding to the challenge of tax filing security, including the launch of Direct File service in several states, which is designed to streamline the filing process for some taxpayers. To gain insight into what customers should be wary of this year, DNSFilter combed its extensive datasets to discover how scammers operated last year.

Among the findings:

  • Bad actors are increasingly using tax terminology to trick individuals: DNSFilter’s researchers found that traffic to malicious domains with “tax” in the name peaked on the DNSFilter network in the 30 days before Tax Day last year; in fact, there was a 693% rise in traffic to these domains between March 15-April 15, 2024 compared to the rest of the 2024 tax season. In 2024, cyber criminals increasingly impersonated well-known tax software providers like TurboTax; these phishing attempts peaked in mid-March and continued throughout the tax season, as hackers sought to deceive users into sharing sensitive personal information.
  • In 2024, scam activity remained high even after the April 15 deadline: This indicates bad actors likely preyed on fear and anxiety by targeting those taxpayers who either missed the deadline or filed extensions.
  • Scams targeting fuel tax credits are on the rise – In a recent IRS warning about fuel tax credit scams, from 2024 to 2025, threat domains with “fuel” in their names increased by 121%, highlighting a growing concern around these fraudulent offers.

As citizens gear up for Tax Day 2025, it’s important to stay alert and verify all websites and email requests before providing any sensitive information. The IRS has issued its annual warning to taxpayers about the “Dirty Dozen” tax scams. Several of these scams remain prevalent, and others are emerging as major threats this 2025 season. The list includes:

  • Phishing and Smishing: These tactics remain the most common forms of tax-related scams, where attackers impersonate legitimate entities like the IRS via email, text or phone calls to steal personal information.
  • Fake Charities: Scammers continue to exploit taxpayers’ goodwill by creating fraudulent charity websites to steal donations. On the DNSFilter network, we see this risk all year-round.
  • Misleading Offers in Compromised and Ghost Tax Preparers: Scam websites promising to reduce tax liabilities or providing unlicensed tax preparation services continue to surface. These threats remain on the radar for continued monitoring.
  • New Client Spear Phishing: Cybercriminals are increasingly focusing on targeted phishing attempts aimed at consumers seeking tax services.

Ken Carnesi, CEO and co-founder, DNSFilter, said: “Tax season is stressful enough for Americans without having to be wary of fraudsters. Our data shows that malicious tax-related traffic increases this time of year, meaning people need to exercise extra caution to avoid phishing and related scams. Our mission is to keep people, businesses and organizations secure against the many web-related dangers lurking on the internet. We’re presenting this data to help organizations and taxpayers avoid scams and malicious sites during this often-stressful time.”

About DNSFilter:

DNSFilter is making the Internet safer and workplaces more productive by blocking malicious and unwanted content at the DNS layer. DNSFilter resolves upwards of 170 billion daily queries—200 million of those queries are blocked cyber threats. With 79% of attacks using Domain Name System (DNS), DNSFilter provides the world’s fastest protective DNS powered by AI, blocking threats an average of 10 days faster than traditional threat feeds. Over 40,000 organizations trust DNSFilter to protect them from advanced cyber threats and unwanted content.

SOURCE DNSFilter



Source link