The 2022 revenue campaign began this week in Spain, kicking off a period of “reckoning” with the public purse. As has been the case in recent years, malicious campaigns attempting to do this have been exposed at the start of the earnings period impersonate a tax authority. Great care!

Identity theft is a malicious activity that has become widespread in recent years with the explosion in the use of mobile internet, SMS, social networks and instant messaging applications. It is basically your goal impersonate another person or digital entity. It must be said that some types of these campaigns are detected every week, but it is during media periods like this one that criminals work most actively. The motivations are common and range from data theft to fraud and deception to obtain information or financial gain, to cyberbullying, blackmail or grooming.

The Tax agency It is one of the organizations that receives the most identity theft attempts. Cybercriminals try to take advantage of the “terror” that the Treasury, or the lack of response to its demands, instills in every taxpayer. Or, conversely, a message about economic return or similar. Some are crude attempts, others are better prepared and many users may fall for them.

Income 2022: malicious campaigns

As expected, attempts to impersonate the Treasury have increased in recent days, and ESET warns against a phishing campaign with both email and text message distribution.

In the case of an SMS, we are notified that our taxes have been refunded, which many users may interpret as an income statement to return. In order to claim this refund, we are asked to access a link that they want to pass off as legitimate, but if we pay attention, we can verify that it has little to do with the link of the real tax agency.

The message is suspicious, no, the following. But we still fart…

If you click on the link, it will redirect you to a website that looks quite similar to the legitimate one, but the domain it is hosted on has nothing to do with it. This scam website tells us how to get a supposed refund, starting the process by pressing a button prepared by the criminals, which means giving them your credit card information. You already know the rest: they are going to rob you.

Recommendation: usual

Prevention and caution are the best antidote to these malicious campaigns, which use different variants of phishing. If the bad guys use social engineering, we have to use common sense. Unfortunately, these types of attacks are still highly effective because they only require a small percentage of users to fall for their “bait” and “bite” in order to be profitable.

The usual anti-phishing and identity theft recommendations are:

• Be wary of any request that requires you to provide personal information.
• Be very careful with messages purporting to be from official organizations: they are the most used for impersonation.
• Do not open emails, SMS or chats from users you do not know or that you have not requested. Fry them directly.
• Do not respond to these emails under any circumstances.
• DO NOT enter your personal or bank details (phone number, first name, last name, address or email) on any page.
• Check links carefully before clicking, even if they are from known contacts.
• Beware of shortened links.
• Be wary of attachments, even if they are from known contacts.
• Always keep your operating system and antivirus updated.
• Use unique and complex passwords for each of your accounts and enable two-factor authentication whenever possible.

And a lot of caution my friend… If you receive a notice from the tax office or any other government authority, you must have access ALWAYS through an electronic central office with a certificate or other secure authentication to verify the notice or notification. AND NEVER you must access it through a link contained in the body of the message, much less after downloading attachments commonly used to include malware.