The Internal Revenue Service (IRS) in the US is warning people regarding an email phishing scheme that uses the name of the agency and FBI in order to infect computers with ransomware and then demand money to unlock files.
The message states that in light of the changes to tax laws in the country, a questionnaire is required to be answered by the receiver. To create a sense of urgency, it further notes that the form should be signed and sent back within 10 days. However, the link provided will instead download ransomware that will encrypt files on the host computer.
“This is a new twist on an old scheme,” said IRS Commissioner John Koskinen. “People should stay vigilant against email scams that try to impersonate the IRS and other agencies that try to lure you into clicking a link or opening an attachment. People with a tax issue won’t get their first contact from the IRS with a threatening email or phone call."
The IRS advises that victims of the scheme should not pay the ransom demanded by the cyber criminals. It also emphasizes that the agency does not use email, text messages, or social media to discuss tax issues with those concerned.
Ransomware that use the identity of government agencies have been around for quite a while. These are known as "police ransomware," where users are accused of doing something they did not do, demanding money in exchange for the freedom of their device. Since it looks to be from authority, more people fall victim to the scam, therefore bringing in more money for the criminals.
As mentioned above, it is not ideal to shell out money to pay the demand. This encourages those behind it to continue the business. It is also not guaranteed that the system or files will be unlocked. Paying attention to the files we download and links we click on will go a long way already, in order to stay safe online.