If there ’ s one thing that can be counted on to happen every year around tax season — besides the ongoing tax preparation service commercials — it ’ s fraud . Whether it ’ s selling Attack.Databreach W2 forms online or sending Attack.Phishing malicious emails that look like Attack.Phishing they are from the IRS , cybercriminals tend to keep themselves busy this time of year . Rick Holland , VP of strategy at Digital Shadows , joined this week ’ s Hacker Tracker to highlight how cybercriminals are utilizing the dark web to support their tax fraud campaigns . Earlier this year , the Treasury Inspector General for Tax Administration reported that there was a reduction in the number of fraudulent tax returns identified between 2013 and 2015 . On the other hand , around that same time the IRS released data showing that phishing Attack.Phishing and malware incidents in the 2016 tax season increased by 400 percent . Noting that the number of identified fraudulent returns was not indicative of the overall levels of tax fraud occurring , Digital Shadows set out to reconcile two very different perspectives on the same problem . In response , the external digital risk management team recently released its research assessing dark web and criminal chatter related to tax fraud so far this year . As of February , the number of mentions in 2017 so far was already over 40 percent of the 2016 total . Rick Holland , VP of strategy at Digital Shadows , explained that cybercriminals are often using the dark web marketplaces to sell Attack.Databreach W2s for as little as $ 4 , which include a victim ’ s full information that can then be used for whatever campaign the cybercriminal is going to run . In fact , he noted that often cybercriminals capitalize on phishing Attack.Phishing and malware schemes during this time by using the term “ tax refund ” in an email subject of a message that looks like Attack.Phishing it ’ s from the IRS . However , those malicious emails are actually just delivering malware to a computer for other purposes , maybe to participate in a botnet or something similar . “ Sometimes it ’ s easy to think of the personal fraud that ’ s being committed , and certainly that is happening , but I think it ’ s important to remember that it goes much broader as far as what the adversaries are doing , ” Holland said . At the end of the day , fraudsters are doing everything they can increase the likelihood of their social engineering being successful . What ’ s Next In Tax Fraud Holland stressed how important it is for both consumers and businesses to under that there are differences in the types of cyber campaigns criminals perpetrate during tax season and that the threat of fraud can be much more encompassing during this time of year . Cybercriminals aren ’ t always going to go after credit card information , because they don ’ t have to . With increased sophistication and social engineering tactics , these criminals are not limited to relying on payment data alone to make money .

Hackers are reportedly selling Attack.Databreach stolen data from the Qatar National Bank ( QNB ) and UAE InvestBank on the dark web . Both the banks suffered major data breaches Attack.Databreach in 2016 and the data of thousands of customers was later leaked Attack.Databreach online by hackers . Now , even as tensions escalate between the two Middle Eastern nations , cybercriminals appear to be cashing in on the underground cybercrime community . Hackers hit Attack.Databreach the QNB in April 2016 and the UAE InvestBank in May 2016 . The Sharjah-based InvestBank 's stolen data was leaked Attack.Databreach online by a hacker going by the pseudonym `` Buba '' , who demanded Attack.Ransom a $ 3m ransom Attack.Ransom from the bank . The stolen data , including customers ' financial details as well as personal details such as full names , addresses , passport numbers , phone numbers , account numbers , credit card numbers along with their CVV codes and more was leaked Attack.Databreach online by the hacker after the bank refused to pay up the ransom Attack.Ransom . In the case of the QNB , a hacker group going by the pseudonym `` Bozkurt Hackers '' claimed responsibility for the data breach Attack.Databreach . Hackers leaked Attack.Databreach 1.4GB data , which included customers ' financial records , credit card numbers and PIN codes as well as banking details pertaining to the Al-Thani Qatar Royal Family and Al Jazeera journalists . The stolen data from the QNB hack Attack.Databreach as well as the InvestBank data breach Attack.Databreach is now up for sale on an unspecified yet popular dark web marketplace , HackRead reported . This has not been independently verified by IBTimes UK . InvestBank 's data is allegedly being sold for a mere 0.0071 bitcoins ( $ 18.86 , £14.91 ) . The data on sale includes bank accounts , card details , customer IDs , branch codes as well as account holders ' full names . The stolen and leaked data from the QNB , which the bank later acknowledged may have been accurate , is also on sale for 0.0071 bitcoins . The data listed for sale includes the previously leaked QNB records such as bank accounts as well as card and personal details of customers . Dark web data sales from major breaches Attack.Databreach are not uncommon . In 2016 , a series of major breaches Attack.Databreach affecting several leading tech firms including LinkedIn and Dropbox , eventually saw hackers selling Attack.Databreach hacked and stolen databases on the dark web .

Hackers are reportedly selling Attack.Databreach stolen data from the Qatar National Bank ( QNB ) and UAE InvestBank on the dark web . Both the banks suffered major data breaches Attack.Databreach in 2016 and the data of thousands of customers was later leaked Attack.Databreach online by hackers . Now , even as tensions escalate between the two Middle Eastern nations , cybercriminals appear to be cashing in on the underground cybercrime community . Hackers hit Attack.Databreach the QNB in April 2016 and the UAE InvestBank in May 2016 . The Sharjah-based InvestBank 's stolen data was leaked Attack.Databreach online by a hacker going by the pseudonym `` Buba '' , who demanded Attack.Ransom a $ 3m ransom Attack.Ransom from the bank . The stolen data , including customers ' financial details as well as personal details such as full names , addresses , passport numbers , phone numbers , account numbers , credit card numbers along with their CVV codes and more was leaked Attack.Databreach online by the hacker after the bank refused to pay up the ransom Attack.Ransom . In the case of the QNB , a hacker group going by the pseudonym `` Bozkurt Hackers '' claimed responsibility for the data breach Attack.Databreach . Hackers leaked Attack.Databreach 1.4GB data , which included customers ' financial records , credit card numbers and PIN codes as well as banking details pertaining to the Al-Thani Qatar Royal Family and Al Jazeera journalists . The stolen data from the QNB hack Attack.Databreach as well as the InvestBank data breach Attack.Databreach is now up for sale on an unspecified yet popular dark web marketplace , HackRead reported . This has not been independently verified by IBTimes UK . InvestBank 's data is allegedly being sold for a mere 0.0071 bitcoins ( $ 18.86 , £14.91 ) . The data on sale includes bank accounts , card details , customer IDs , branch codes as well as account holders ' full names . The stolen and leaked data from the QNB , which the bank later acknowledged may have been accurate , is also on sale for 0.0071 bitcoins . The data listed for sale includes the previously leaked QNB records such as bank accounts as well as card and personal details of customers . Dark web data sales from major breaches Attack.Databreach are not uncommon . In 2016 , a series of major breaches Attack.Databreach affecting several leading tech firms including LinkedIn and Dropbox , eventually saw hackers selling Attack.Databreach hacked and stolen databases on the dark web .