The Fun of Tax Fraud Phishing Robocalls

 

Yesterday while at work, I received the joy of a phone phishing Tax Fraud voicemail.  I saw the unknown number appear on my cell phone while in a meeting and did not answer.  But a little present was left by the caller, in the form of a tax fraud phishing voicemail.

These were very common as recent as six months ago and a huge annoyance to people in California and across the United States. That is, until the US Treasury Inspector General took down one of the largest groups behind these attacks earlier in the year.  It had the desired dissuasion effect across these groups, as much of the call calls stopped, at least for a while.   Apparently, it looks like another criminal group has stepped in to fill the void.  Deterrence tends to only last for a short period of time when competing with the growing greed of thieves.

Ironically, earlier in the week, I was giving a presentation on phishing, talking about how fraudsters can use email, phone, and texts to commit fraud. The normal modus operandi (MO) for these panderers is to call unsuspecting victims, identify themselves as the Internal Revenue Service and demand money and threaten legal action, up to and including threats of going to jail.  They can be convincing and persistent when they detect weakness.  Unfortunately, some people pay these criminals, which feeds the cycle of greed, which motivates them to move on to the next target.

Here is the transcript of the voicemail, which was in a mechanical monotone voice, obviously delivered using automated text-to-speech software:

“…Internal Revenue Service, this is to let you know we have received a legal petition notice concerning cash fraud invasive against your name. So before this matter goes to the federal claim court kindly call us on the same number 360917870 repeat 3605917870. You have a nice day.”

Yes, just for fun I did the research, this number is ranked on the top list for fraudulent IRS Tax callers for the week. I am a cybersecurity strategist, so this stuff is entertaining for me.

Surprise

Over the years, I have heard a lot of these scams and one thing did surprise me with this call. At the end of the fraudulent message the automated voice clearly said "have a nice day". That is a first!

I think from now on all fraudulent calls should end with "have a nice day". A little politeness is appreciated by your intended victims. If you are going to attempt to fleece innocent peoples of their hard earned money, the least you can do is have a little civility.

Government Impersonation Scams are a Big Problem

Phishing scams are up 400% this year. The IRS is aware of over 5,000 victims who have collectively paid over $26.5 million as a result of such frauds. If you ever get a call from an “IRS” representative, do NOT give any personal information. Take their name, badge number and phone number then hang up. Call the IRS directly at 1-800-366-4484 to determine if the caller is an IRS employee with a legitimate need to contact you.

The IRS does not use automated calls to solicit money and does not demand immediate payment over the phone. If the IRS has a grievance with you, they will send you paperwork in the mail before trying to reach you by phone. For more information or to report being a victim, go to the IRS website.

What happens when Law Enforcement is Phished

If you want to hear something hilarious, this is a YouTube video of an IRS Scammer accidentally called the Orange County District Attorney investigator who chats with him. Some great insights, but also contains some vulgar language.

Video Link: https://youtu.be/A6yAyIo_DNY

Interested in more?  Follow me on Twitter (@Matt_Rosenquist) and LinkedIn to hear insights and what is going on in cybersecurity.

Published on Categories SecurityTags , ,
Matthew Rosenquist

About Matthew Rosenquist

Matthew Rosenquist is a Cybersecurity Strategist for Intel Corp and benefits from 20+ years in the field of security. He specializes in strategy, measuring value, and developing cost effective capabilities and organizations which deliver optimal levels of security. Matthew helped with the formation of the Intel Security Group, an industry leading organization bringing together security across hardware, firmware, software and services. An outspoken advocate of cybersecurity, he strives to advance the industry and his guidance can be heard at conferences, and found in whitepapers, articles, and blogs.