Tax Evasion Scam Spreads, and Hackers Want Paid — or Else…
Extortion emails have increased in popularity lately, starting with the massive sextortion campaign that began earlier this year.
Now, a new extortion scam is underway that claims the victim’s computer was hacked. Then, upon being hacked, it was determined taxes were being hidden from the Internal Revenue Service and other tax authorities. To avoid further issues, the hackers demand two bitcoins. If the victims opt not to pay, hackers threaten to notify the “Tax Department”, execute a denial-of-service attack on the network, and then encrypt network files using the WannaCry ransomware.
The tax extortion email has a subject line of “Incident: [random characters]” and appears to be targeting companies rather than individual users. Researchers are able to confirm this based on the first sentence of the spam email, which states “Forward this mail to whoever is important in your company and can make decision!”
To date, the listed bitcoin address has not received any extortion payments and it’s unlikely that it will. These extortion scams rely on scaring the user into making a payment in order to avoid embarrassment. Unlike individual users, businesses are less likely to make a hasty judgement call, and pay the hackers. Alternatively, they will likely take a different approach and contact the proper authorities.
