US law enforcement is actively investigating into a large number of tax information theft cases involving activities on the dark web.
In the US, residents are required to submit their tax returns by April 15. Thus, hackers and cyber criminals dealing with tax return forms and data are most active during this time of the year. Over the past few months, an increasing number of employers have reported the loss and theft of tax return forms submitted to their employees.
Most recently, Brigham Gonzalez who was scouted and appointed by a new company earlier this year, told a local publication in the US called ABC30 that her company was reportedly hacked by an undisclosed group of hackers and her tax returns have been compromised.
During an interview with ABC30, Gonzalez stated:
“She had received a letter from my previous employer stating that all of their W2’s had been stolen. Somebody pretending to be upper level management just kind of bluffed their way into getting one of the employees to fax over all of the W2’s, Long term, I know that all of my information’s still out there and anybody could decide to use it against me.”
Gonzalez’s concern in regard to the misuse of her tax returns and information is well-based, as several cyber security research firms including Krebs on Security reported that tax returns are currently being sold on the dark web at high premiums.
Previously, DeepDotWeb revealed that thousands of tax return forms have been on sale on the dark web for a large amount of bitcoin. Tax return forms are usually sold in batches and each form costs around $20 worth of bitcoin, according to Brian Krebs of Krebs on Security. He explained:
“This particular shop — the name of which is being withheld so as not to provide it with free advertising — currently includes raw W-2 tax form data on more than 3,600 Americans, virtually all of whom apparently reside in Florida. The data in each record includes the taxpayer’s employer name, employer ID, address, taxpayer address, Social Security number and information about 2016 wages and taxes withheld.”
Caleb Barlow, a security expert for IBM, further demonstrated the depth of information included in the tax return forms available for purchase on the dark web. Speaking to ABC 30, Barlow stated that highly sensitive information such as adjusted gross income and personal data are included in the tax forms sold on the dark web.
“One of the first things that we have to recognize when we go into the dark web is, it’s kind of a, ‘Don’t do this at home.’ Now here’s an example of a site that’s selling W2 tax forms along with a date of birth and you notice it says AGI. Now, an AGI stands for adjusted gross income.”
More importantly, IBM Security also released a research paper entitled “Cybercrime Riding Tax Season Tides” which revealed that tax fraud cases increased by a stagerring 6,000 percent over the past year.
“In 2016, more than 54 million Americans filed their taxes after April 1, providing more opportunity for fraudsters to file on their behalf. IBM X-Force researchers looked into its spam traps for a glimpse into the rise in tax-themed spam, and the numbers are already there. For only two of the examples that we provided in this report, we see over 6000% increase from December 2016 to February 2017,” read the report.