WEBINAR | A Deep-Dive into 2023 Cyber Threats
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Beyond MDR
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Operational Technology
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Threat Hunting
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Threat Intelligence
Find cyber threats that have evaded your defenses.
Model Index
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
Phishing Analyzer
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
Integration Partners
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Blog
Company Blog
Case Studies
Brands of the world trust ReliaQuest to achieve their security goals.
Data Sheets
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
eBooks
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Podcasts
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
Solution Briefs
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
White Papers
The latest white papers focused on security operations strategy, technology & insight.
Videos
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
ReliaQuest ResourceCenter
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Threat Research
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
Shadow Talk
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
April 25, 2024
About ReliaQuest
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Leadership
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Careers
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
Contact Us
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
More results...
Tax season has officially started! The Internal Revenue Service (IRS) of the US will be accepting tax returns between January 24 and April 18 this year. While this may seem like plenty of time for all the people out there dreading submitting their tax forms, it is probably a good idea to get started now. Filing early denies criminals the opportunity to steal your refund; they can’t steal your refund if the IRS returned it to you already.
Everyone files taxes, so tax-related scams are more likely to succeed due to the sheer number of potential victims. The stress of the approaching deadline and frustration from all the government forms make it easier for people to act in haste, possibly falling for a tax-related fraud.
Filing taxes early reduces the chances of someone doing it for you; by others, we mean cybercriminals. Cyber attacks and data breaches frequently result in personal information being traded on the underground cybercriminal forums. This of course is not a new phenomenon, in our blog Tax Fraud In 2020: Down But Not Out, we reported on the various types of tax-related data being sold. Criminals will then take that information, try to file a tax return, and then get the tax refund that’s meant for you. The process is actually not that sophisticated. They take whatever tax information they have and process the return electronically. Sounds nice, right? Someone else doing your taxes. The catch is that the refund is mailed to them as a check instead of going to your bank account. In 2020, the Federal Trade Commission received over 400,000 reports of identity theft used to apply for government documents or benefits, a drastic increase from the 23,000 reported in 2019.
The IRS has tried to circumvent this by implementing various forms of 2-factor authentication (2FA). The IRS tries to prevent fraudulent claims by issuing an Identity Protection PIN (IP PIN) to users as an extra way to verify the tax filer. They also mail a new IP PIN each year to confirmed victims of tax-related identity theft. That is on top of asking for information that only the tax filer should have access to, like the previous year’s adjusted gross income (AGI). However not everyone uses the IP PIN, so not everyone has the same level of protection against identity theft returns. It is simple to get an IP PIN, and users are encouraged to use this method as a means of protecting against identity theft.
The IRS also uses the identity solution ID.me, which uses images of a valid government issued photo ID, to verify identity. Previous Photon Research team investigations have uncovered the interesting lengths to which threat actors go to support the identity fraud ecosystem.
ID.me has several security features to stay one step ahead of the fraudsters; if the tool deems the document to be authentic, it asks for a video selfie to prove that they are the same person as the photo ID. During the recording, the tool flashes a series of colorful lights to make sure the video features a real person and not a photograph. While the tool is not 100% accurate, it makes it more difficult for scammers to file a fraudulent return. Despite all the measures the IRS takes to prevent fraudulent returns, the unfortunate truth is that some still slip through the cracks. That is why criminals are still willing to pay for stolen tax information.
It may seem daunting to try to prevent fraudulent tax returns. If the IRS can’t stop all of it, then what can you do about it? That brings us back to the original point. If you file your taxes early and have your refund already, no matter how much effort the criminal puts in, they can’t trick the IRS into paying the same refund twice.
Besides trying to file fraudulent returns, several other types of fraud activity occurs during tax season. Scammers will try to use threats and a sense of urgency to elicit an emotional response from you. A good example is the CP80 form sent by the IRS. It tells the recipient that they have credit on the account but will lose the credit if they don’t respond. Who in their right mind wants to lose money? To get the credit, they must “Send [their] signed tax return to the address shown above”, luring the recipient into providing sensitive information.
The good news? Even though the form is legitimate, many recipients were sharp enough to recognize the common techniques used by scammers. But most unexpected correspondence from the IRS won’t be legitimate. Here are some examples of other scams that typically occur during tax season:
As a rule of thumb, the IRS only contacts people through physical mail. All the tricks used by scammers involve unsolicited phone calls and emails. They can spoof the caller ID and email address, so even if it seems legitimate, you should stay vigilant for fraudulent requests. We’ve previously issued a blog detailing how to recognise scams sent through phishing emails.
A surefire way to make sure it’s from the IRS is by looking up the contact number on the IRS website (never use the contact information provided by a potential scammer). Whether you’ll actually get in contact with an IRS rep is a different story, and the lack of customer service and support make it easier for scammers since victims are unable to verify information. The approaching deadline for filing their taxes also adds to the sense of urgency often used by the scammers. As we stated at the start of this blog, it’s important to file your taxes early.
When you file taxes early, your taxes get processed faster. You block possible attempts by criminals to file a fraudulent attempt in your name. You also save yourself the stress and frustration of long hold times should you need to contact IRS support. Imagine yourself smugly saying, “I got my return already” while people around you complain about doing their tax returns. As Benjamin Franklin once wrote, “[In] this world one thing can be said to be certain, except death and taxes.” You have to file your taxes eventually, so why not do it early this year?
If you’re looking for further advice on staying safe online and minimizing the chances of being stung during this tax season, then look no further. Our proprietary software SearchLight (now ReliaQuest’s GreyMatter Digital Risk Protection) assists our clients in identifying exposures, alerting in a timely manner, before offering sensible options for remediation. If you’d like to learn more, please sign up for a demo of SearchLight (now ReliaQuest’s GreyMatter Digital Risk Protection) here.