Tomorrow, April 6, the 2021 Income and Heritage campaign begins in Spain. It’s time to catch up with the treasury and the easiest way is to use the internet. But beware, cybercriminals are on the hunt and take every opportunity to distribute malware, such as an active phishing campaign that uses as an argument “Tax irregularities” to steal citizens’ personal and financial data.

The 2021 Income and Wealth campaign for online confessions begins tomorrow in a campaign that runs until June 30. The tax office makes their proposals available to taxpayers, which should always be thoroughly reviewed if you can add deductions that match you. For access to proposals and / or statements online Before the agency, you must identify yourself on its website or application in the following ways:

• Electronic certificate or electronic DNI.
• With Cl @ ve PIN system.
• By reference number.

For this year’s campaign workers who gained income of less than € 22,000 per year from a single payer. Even so, it is advisable to download the proposal and assess the presentation if we want to recover the deductions made.

As for the news of the campaign, they highlight the so-called new section for cryptocurrencies where we will have to allocate balances in virtual currencies or other gains and losses resulting from the transfer of assets from any transaction we have carried out with cryptocurrencies since 11 July 2021, provided they have yielded revenue. There is also an adjustment to the tax rate and also to new deductions that we can practice. You can find out all about this on the Agency’s 2021 Revenue Campaign website.

Phishing in the revenue campaign

Cybercriminals are taking every opportunity to spread malware, and if it is a massive campaign we are dealing with, where millions of taxpayers use the internet to catch up with the treasury, the better. Actually, the preferred time is the annual tax return campaign as we have seen in previous years. Especially through phishing, the second most dangerous type of computer attack after ransomware.

This year will be no different and the security company Bitdefender has identified it malspam campaign aimed at European users which uses tax irregularities as an argument. Attackers send unpaid amounts to users of Windows and Android devices. These messages contain the LokiPWS Trojan, which is able to steal data such as username, password, cryptocurrency wallet information and other login details.

The reports use the name and image of the agencies responsible for collecting the taxes and request access to the attached file for access to information on alleged non-payment in VAT returns. This file is usually called “value added tax.rar” or “VAT payment default1.rar”.

It’s just a demonstration of what awaits us. It must be said that the official authorities They will NEVER request this type of data taxpayers and, of course, you should pay no attention to them. Unfortunately, this type of attack is still highly effective because it requires only a fraction of users to succumb to its “bait” and “bite” in order to be profitable.

Anti-phishing recipes, whether in an income campaign or any other, are well known:

• NEVER respond to unsolicited messages from official authorities.
• NEVER enter bank details, PIN codes or passwords.
• Be suspicious of reports with spelling and grammar errors, although criminals try to make them as accurate as possible.
• NEVER open attachments or click on links in the body of e-mail messages that do not offer maximum security.
• Always use unique and complex passwords for each of your accounts and enable two-factor authentication whenever possible.