If this year is anything like last we are in the midst of phishers ’ attempts to trick Attack.Phishing taxpayers , employers and tax preparers into giving up information that will allow attackers to file bogus tax returns and collect IRS refunds , according to PhishLabs ’ annual phishing report . The latest Phishing Trends and Intelligence Report , which has data about January 2016 , says that the IRS phishing sites spotted in that one month totaled more than the IRS phishing attempts seen during all of the previous year . While the numbers for this January aren ’ t in yet , PhishLabs researchers expect yet another spike . That ’ s because last year , 40 businesses that phishers asked for their employees ’ W2 forms actually sent Attack.Phishing them to the scammers , says Crane Hassold , a senior security threat researcher at PhishLabs . That ’ s compounded by other phishing attempts Attack.Phishing that ask tax professionals to update their accounts , then direct them to fake Web sites that steal Attack.Databreach their credentials . And individuals received emails purportedly Attack.Phishing from tax preparers , tax software companies or banks , asking them to update their information in order to receive their returns . The IRS posted a warning page including these and other scams criminals are using to collect someone else ’ s refunds or to file bogus returns . The report is based on data gathered by PhishLabs researchers of about 1 million confirmed malicious phishing sites on more than 170,000 domains and including more than 66,000 IP addresses . The phishing trends report found that by yearend , cloud storage services will be the most frequently targeted businesses , and almost all those attacks will be aimed at just two providers , Google and Dropbox , according to the report . In 2016 , it was nearly a dead heat for whether the financial industry or cloud storage services would be the top victim , with financial edging storage 23 % to 22.6 % , and “ there is a strong likelihood that cloud storage services will overtake financial institutions as the most targeted industry in 2017 , ” the report says . Those providers are being targeted , PhishLabs says , because they use email addresses as usernames . “ By launching phishing attacks Attack.Phishing targeting popular online services that use this authentication practice , phishers are mass harvesting Attack.Databreach email address , password credential combination that can be used to attack secondary targets , ” the report says . These secondary targets are vulnerable because it is known they use email addresses as usernames and because many people use the same usernames and passwords across different sites . Financial industries are targets because once attackers compromise customers ’ credentials , the attackers can directly steal Attack.Databreach from their accounts . Even though cloud storage services are edging out financial services as targets , the total number of attacks against each is rising . The number is just rising faster against the cloud storage services . Besides financial and cloud storage , the remaining three among the top five targeted industries are webmail/online services , payment services and ecommerce sites . Those five accounted for 91 % of all phishing attacks Attack.Phishing in 2016 , the report says . Attacks against software-as-a-service businesses is increasing rapidly , targeting mainly two companies , Adobe ( Adobe ID ) and DocuSigh . Again , attackers are attracted to them because they use email addresses as usernames .

Qatar is set to host the 2022 FIFA Soccer World Cup , and to do so , the country must build a number of stadiums . Additionally , Qatar 's economy is also in full bloom , and many companies taking advantage of local tax-free zones are also driving a real-estate boom , with tens of buildings being built every year . At the heart of Qatar 's roaring constructions sector are migrant workers , usually from East-Asian countries , such as India , Bangladesh , and most often Nepal . Loopholes in local legislation allow employers to withhold passports and force employees to work under appalling conditions , facing steep penalties , and even jail time if they try to leave the country before their contract expires . These conditions have attracted the attention of many activists , organizations , and journalists , that have published damning reports , even going as far as asking FIFA to revoke the rights to hold the 2022 World Cup until Qatar revises its labour laws . Claudio Guarnieri , a security researcher working for Amnesty International , has published a report today that reveals how an unknown person or group has created Attack.Phishing a fake persona named Saleena Malik , which they used to get close to journalists and activists . The primary goal was to become friends with potential victims , and after months of having private conversations , lure Attack.Phishing the target into accessing a phishing page disguised as Attack.Phishing a Google login , and collect their credentials . Malik 's phishing attacks Attack.Phishing did n't happen right away , but always after the victim had time to get acquainted with her fake persona . In most cases , Malik posed as Attack.Phishing a person with similar interests in activism and Qatar 's migrant labor laws . After months of private conversations via email , LinkedIn and/or Facebook , Malik would eventually invite Attack.Phishing a target to access a document or connect via Google Hangouts . In all cases , before accessing Malik 's documents or Google Hangouts , the victim would first be prompted Attack.Phishing by a fake login page that collected their credentials . Guarnieri , who was alerted to Malik 's actions by one of the targeted journalists , was able to identify where these phishing pages were hosted and where they sent data for storage . This is how the researcher tracked down at least 30 other victims of Malik 's expert phishing attacks Attack.Phishing . Additionally , with collaboration from victims , Guarneri was also able to discover that the people behind the Malik persona had also accessed some of the phished Gmail accounts . The intruder 's IP address belonged to a local Qatar Internet service provider . What the researchers was n't able to find was who was behind the attacks . His guesses include the government of Qatar , another government wanting to make Qatar look bad , or a contractor hired by one of the construction firms or a government agency . In a statement for Amnesty International , a spokesperson for the government of Qatar denied any involvement . These particular set of attacks Attack.Phishing show a deep knowledge of social engineering , and especially phishing tactics . Whoever was behind this campaign had both the knowledge , skills and patience to wait for the seeds he planted to bear fruits many months later