Tax season in the United States is in full swing. That means plenty of tax related documents are being passed around cyberspace. This isn’t something phishing scammers are going to ignore.
In one email phishing scam that has managed to find its way around many email junk filers, an email appears to show a W2 tax document being shared with the recipient via OneDrive, the cloud file storage service from Microsoft.
The email, which will appear similar to the below screenshot, provides a link for the recipient to open the tax document. It is being sent with the subject “Re: Home Loan”.
But it’s a phishing scam and there is no phishing document. The link leads to a webpage hosted on the TypeForm platform, a service that allows people to create forms and surveys.
The page asks for the visitor to login to see the tax document, but any username and password combinations entered into this page will be sent to the scammers, effectively handing them control of your online account (unless you’re sensible enough to have enabled two-factor authentication.)
Sponsored Content. Continued below...
Regardless of what username and password a person enters, the visitor is told that its incorrect, and the page eventually “locks” the document claiming it cannot confirm the visitor’s identity. It’s all a ruse, though. There is no document, and the webpage isn’t really trying to validate the information, rather just transmit it to cyber crooks.
Always watch out for emails asking you to open attachments or click links. These are how phishing scams usually start. If you do click a link, unless you trust the website you’re on, don’t enter any personal information into it. If you’re on a platform that allows anyone to create a website, such as TypeForm or Google Sites, you shouldn’t trust it if it asks for personal information or login details.
Thanks for reading, we hope this article helped, but before you leave us for greener pastures, please help us out.
We're hoping to be totally ad-free by 2025 - after all, no one likes online adverts, and all they do is get in the way and slow everything down. But of course we still have fees and costs to pay, so please, please consider becoming a Facebook supporter! It costs only 0.99p (~$1.30) a month (you can stop at any time) and ensures we can still keep posting Cybersecurity themed content to help keep our communities safe and scam-free. You can subscribe here
Remember, we're active on social media - so follow us on Facebook, Bluesky, Instagram and X