According to a new report from DomainTools, cybercriminals are taking advantage of the latest IRS payments sent to families across the United States by launching dozens of credential collection sites disguised as U.S. Rescue Planning Act registration sites. I will.
Last week, the IRS began sending the first round of child tax credits, which is part of the larger US Rescue Planning Act passed earlier this year. Payments are automatically sent by the IRS and no sign-up is required.
However, cybercriminals have created a maze of relevant websites aimed at tricking people into entering personal information by pretending to be related to paying child tax credits, said Chad Anderson of Domain Tools. explained.
By analyzing past WHOIS information and OSINT technology, Anderson said cybersecurity companies were able to link this particular credential harvesting scam to Nigeria-based web developer Golden Waves Innovations.