One needs to be always aware of Tax Scams , including tax refund scams , which are carried out by scamsters who pretend to be Attack.Phishing from the IRS of USA , HMRC of UK , CRA of Canada , Income Tax Department of India and such . Scamsters contact Attack.Phishing you via fake emails , phone calls , recorded message , SMS , etc , and either scare you with the possibility of some legal action or entice Attack.Phishing you with a tax refund ! Every tax season , Tax Scams start doing the rounds . Emails , Phone calls , or recorded messages by cybercriminals impersonating Attack.Phishing authentic tax agents have become an order of the day and continue to remain a major threat to taxpayers . The scam artists use sinister designs that threaten police arrest , deportation , and even license revocation . With the increases in its popularity , fraudsters are also busy finding more ways to increase efficiency . Earlier , the major targets were elderly people and immigrant population . Slowly , the focus has shifted to methods that rely on auto-dialers , robocalling , and voice mail messages to hit as many taxpayers as possible . The story begins with an automated call . It plays a recorded message warning you that it ’ s “ the final notice ” from the tax agency such as the Internal Revenue Service , Indian Income Tax Department , HM Revenue and Customs , or the Tax department of your country . Or it could begin with an email . In any case , the recorded voice or email purports to be Attack.Phishing from tax inspector and goes on to specify about the course of action , the agency is likely to follow against you like , planning a lawsuit against you , and if you don ’ t return this call , you could land up in jail , soon . Attacks , such as these use fear as bait Attack.Phishing or the lure Attack.Phishing of a tax refund on the other hand . They rely on social engineering tactics . One such message tells recipients that there ’ s a pending law enforcement action against them as they have evaded tax . It is mainly used to target U.S. taxpayers . The scam pretends to contain information about a subpoena . It could contain a web link which it wants you to click . The link could take you to a fraudulent website . Or the email could include an attachment . The file is a “ document file ” that Microsoft Word opens in Protected View . It contains an instruction to Enable Editing . If the Enable Editing button is clicked , malicious Macros in the ‘ document ’ downloads a malware . So one needs to always exercise utmost caution in either of the cases .

Last December the US Intelligence Community ( IC ) released a report naming APT28 , a suspected Russian hacking group , as being linked to numerous cyberattacks designed to influence the outcome of the 2016 presidential election with a mixture of leaks and misinformation . Highlighting Russian `` malicious cyber activity '' the IC 's analysis reported on this `` advanced persistent threat '' by confirming it was likely linked to the county 's military or intelligence services . The hackers go by many names : Fancy Bear , Pawn Storm , Sofacy , Sednit , Tsar Team and more . The group – after targeting the Democratic National Committee ( DNC ) , the World Anti-Doping Agency ( Wada ) and the German government – is the focus of a new report from US-based cybersecurity firm FireEye , discussing the key hacking techniques it uses . `` We have observed APT28 rely on four key tactics when attempting to compromise intended targets , '' the report states . These include the use of spearphishing Attack.Phishing to deploy exploit kits , the spreading of malware , compromising web-facing servers and creating fake internet addresses . Some of the tactics are straightforward , but work . In one hypothetical case , a hacker would craft Attack.Phishing an exploit document with `` enticing lure content '' and send Attack.Phishing it to a carefully chosen victim . Once the document is opened , malware is automatically installed by exploiting a vulnerability in computer software . According to FireEye , APT28 has exploited Vulnerability-related.DiscoverVulnerability a number of known security flaws in the past including previously undiscovered `` zero day '' vulnerabilities in Adobe Flash Player , Java , and Windows . The hackers then contact Attack.Phishing targets saying they need to reset passwords , lead the victim to a malicious login page and hijack passwords . `` APT28 employs a suite of malware with features indicative of the group 's plans for continued operations , as well as the group 's access to resources and skilled developers , '' the report states . After information is stolen Attack.Databreach , FireEye explains , the hacking group will often leak it to `` further political narratives '' . These reportedly include the conflict in Syria , Nato , the European Union refugee crisis and the 2016 Olympics and Paralympics athlete doping scandal . In agreement with the US government , the security firm believes the hacking group conducts its operations `` in support of Russian strategic interests '' and is made up of a `` sophisticated and prolific set of developers and operators '' . This is denied by Russian president , Vladimir Putin . `` The recent activity in the US is but one of many instances of Russian government influence operations conducted in support of strategic political objectives , and it will not be the last , '' the report states . `` As the 2017 elections in Europe approach - most notably in Germany , France , and the Netherlands – we are already seeing the makings of similarly concerted efforts . '' The research paper adds another layer to the already-impressive body of work released by organisations including ThreatConnect , Crowdstrike , SecureWorks and Fidelis Cybersecurity . The firms , while less open to attributing with utmost certainty , continue to link APT28 with Putin 's state . `` We stand by our research that the attack data we were given to analyse mirrors previous attacks of APT28 , '' John Bambenek , threat intelligence manager at Fidelis told IBTimes UK . `` The malware and the tactics we can speak with expertise on . What we can not answer is what the intent of those actors were and at whose direction they were acting , as we do not have direct intelligence on those subjects nor are we in a position to get them . '' Tom Finney , a counter threat researcher from SecureWorks , said : `` We 've been able to link this activity to Russia because of the wider targeting seen in this campaign . `` The majority of the activity appears to focus on Russia 's military involvement in eastern Ukraine ; for example , the email address targeted by the most phishing attempts Attack.Phishing ( nine ) was linked to a spokesperson for the Ukrainian prime minister . `` Other targets included individuals in political , military , and diplomatic positions in former Soviet states , as well as journalists , human rights organisations and regional advocacy groups in Russia .