Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Tax Fraud. Show all posts
Tax Fraud
CPS Cyber Attacks CyberCrime Cybersecurity CyberThreat HMRC Logging tax Tax Fraud

UK Tax Fraud Scheme Uncovered Following Arrests in Romania

 


Despite being organized and waged on a global scale, phishing-based tax fraud schemes that target the United Kingdom have emerged in recent years as a significant development in the fight against transnational cyber-enabled financial crime. An operation coordinated by Romanian law enforcement authorities and HM Revenue and Customs (HMRC) of the UK unfolded across the counties of Ilfov, Giurgiu, and Calarasi during the second half of 2011 and resulted in the arrests of 27 suspects aged between 23 and 53. 

A preliminary investigation suggests that the group organized a sophisticated campaign involving the use of phishing tactics to harvest personal information from people, then used this information to fraudulently apply for tax refunds and government benefits within the UK. In this case, more than 100 Romanian police officers and criminal investigators participated in a sweeping crackdown, demonstrating the size and urgency of the cross-border operation. 

A related operation has been conducted, in which a 38-year-old man was arrested in Preston. HMRC officials seized several electronic devices that appeared to be linked to the broader network. Romanian prosecutors, the HMRC, and the Crown Prosecution Service (CPS) have recently come together to form a strategic alliance aimed at tackling complex cyber fraud and financial misconduct which has cross-border implications. 

As part of the alliance, Romanian prosecutors will cooperate with the UK Crown Prosecution Service to bring this enforcement action. Several authorities on both sides have stressed the importance of this cooperation in the fight against organized cybercriminal groups that are exploiting digital vulnerabilities to attack national tax systems. 

The investigation continues while digital evidence is analyzed and more suspects are being identified as new suspects are identified. It is believed that the arrests are in connection with an ongoing investigation into an organized criminal network accused of using large-scale phishing attacks for defrauding His Majesty's Revenue and Customs (HMRC) of approximately £47 million (equivalent to $63 million) through a large-scale phishing attack campaign. 

Apparently, the gang used deceptive digital schemes in order to harvest login credentials and personal information from British taxpayers, which were then used to access online tax accounts and file fraudulent claims for refunds and government benefits as a result of the misuse of these credentials. When nearly 100,000 UK taxpayers were informed in June 2024 that their HMRC online accounts were compromised, the full extent of the breach only became publicized in June 2024. 

It was the Treasury Committee, which oversees the nation's tax administration, that sparked outrage over the revelation. They criticized senior HMRC officials for failing to announce the losses in a timely manner. As a result of their accusations of a lack of transparency in handling one of the biggest cyber-enabled financial frauds in the recent history of the United Kingdom, lawmakers have called the agency into question. 

HMRC investigators and Romanian police officers have worked together to carry out coordinated raids across multiple locations in Ilfov, Giurgiu, and Calarasi counties, as part of the international enforcement operation targeting the key suspects behind this fraud. Authorities conducted searches during which they seized electronic devices that were believed to contain digital evidence important to the investigation. 

It was confirmed by the Romanian Police Economic Crimes Investigation Directorate that 13 people ranging in age from 23 to 53 were arrested as part of the investigation. As the investigation continues to uncover the full extent of the criminal infrastructure behind the scheme, the suspects are now facing charges of computer fraud, money laundering, and unauthorized access to information systems. HM Revenue and Customs (HMRC) is conducting a series of investigations into a wave of sophisticated phishing campaigns which have targeted individuals across the United Kingdom, leading to the recent arrests, forming part of a broader investigation. 

There were scams involving fraudulent emails and messages designed to mimic official government communications, which deceived the intended recipients into providing sensitive information such as login credentials, personal information, and banking or credit card information to them. Using stolen data as a basis to orchestrate a variety of fraudulent activities that were intended to siphon money out of government programs, the stolen data was ultimately used by perpetrators. 

As a result of this illegal information gathered by the perpetrators, they are able to submit false claims under various financial assistance schemes, such as the Pay As You Earn system (PAYE), VAT repayment schemes, and Child Benefit payments. HMRC nevertheless issued breach notifications to about 100,000 affected individuals whose information was compromised, despite the fact that the fraud was targeted at defrauding the tax authority itself rather than targeting taxpayers' personal financial assets. 

As the Romanian Economic Crimes Investigation Directorate, which spearheaded the arrests, has confirmed, the suspects have been under investigation for a wide range of serious offenses, including computer fraud, money laundering, unauthorized access to information systems, and other serious crimes. 

In the aftermath of the attack, the authorities were keen to stress that there was no breach in the internal cybersecurity infrastructure of HMRC that resulted in the attack. The fraud was, instead, primarily conducted using social engineering methods and phishing tactics in an attempt to gather personal information, which was then manipulated to exploit legitimate tax and benefit services. 

In light of the growing threat of cyber-enabled financial crimes and the need for cross-border cooperation in order to counter complex fraud operations, this case highlights the importance of cross-border cooperation. In spite of the fact that it is believed that the cyberattack occurred in 2023, it was not until June 2024 that the public became aware of the breach. 

According to Dame Meg Hillier, Chair of the UK Parliament's Treasury Select Committee, this delay in disclosure has caused the government to face severe criticism for failing to inform lawmakers and the public in a timely fashion. Her assessment of the tax authority's lack of transparency was "unacceptable," in light of how large the fraud was and how many people were affected by it. 

The government of HMRC announced in June that it had contacted all taxpayers affected by the breach and informed them of the compromise and provided details of the steps taken to secure their accounts in response to the breach. HMRC has seized the affected online accounts as a precautionary measure and has deleted the login credentials associated with the accounts, including Government Gateway user IDs and passwords, to prevent unauthorized access from continuing. 

Additionally, the agency has confirmed that any incorrect or fraudulent information that may have been added to the taxpayers' records during the scam has been identified and removed from the taxpayer's records. There has been increasing interest in tax-related scams since that period, but cybersecurity experts have warned that fraudsters are employing more and more convincing tactics in order to deceive the public. 

According to the CEO of Closed Door Security, tax scams are still one of the major cyber threats facing the UK. The lawyer explained that criminals are increasingly utilizing phishing methods that closely mimic official government correspondence, including emails, text messages, and physical letters, by blending phishing methods and email, text messages, and physical letters. 

To make it more likely for a message to be successful, it is often timed to coincide with important tax deadlines, such as the self-assessment period that falls in January. As Wright pointed out, even technology-savvy individuals can have difficulty distinguishing between these fraudulent messages and the real thing, underlining the need for greater public awareness and stronger digital security. 

Despite the ongoing investigation into cyber-enabled financial crime, this case serves as a powerful reminder of the growing sophistication of this crime, as well as the need for global collaboration in detecting, disrupting, and deterring such activities as soon as possible. In this regard, it emphasizes the importance of public awareness, proactive cybersecurity measures, as well as timely coordination between agencies across borders in order to protect the public's safety. 

For governments, the incident highlights the need for better safeguards around the automation of benefit and tax systems as well as strengthening digital identity verification protocols. In the end, it is a stark warning for individuals to remain vigilant against unsolicited e-mails and adopt best practices to protect their personal information online, as digital infrastructure is becoming increasingly essential to public administration and financial services. 

Therefore, it is imperative that these systems are made resilient as a national priority, as their resilience will become increasingly important in the near future. There will be a greater need to continue investing in cybersecurity capacity-building, sharing threat intelligence, and public awareness campaigns in order to stay ahead of financially motivated cybercrime syndicates operating around the world.
Read more »
Tax Season
Cyber Fraud Identity Protection IRS PIN personal data safety secure tax filing Tax Fraud Tax Scams Tax Season

Protect Your Tax Return from Fraud: Here's What You Need to Know

 


Tax Season 2025: Protect Yourself from Fraud with an Identity Protection PIN

A new year marks the start of another tax season, bringing with it the usual challenges of navigating the complex US tax code and avoiding scams. One particularly concerning scam involves fraudsters filing a tax return in your name to claim a refund. Many victims only realize they've been targeted when they attempt to file their own return, uncovering a complicated issue that can take weeks or even months to resolve.

The risk of tax-related identity theft is elevated this year due to a series of high-profile data breaches in 2024. Personal information, including Social Security numbers, has become more accessible on the dark web, providing fraudsters with the tools they need to exploit unsuspecting taxpayers. As tax season progresses, this vulnerability becomes a significant concern for individuals and businesses alike.

How the IRS’s Identity Protection PIN Can Help

To combat this type of fraud, the IRS offers a proactive solution: the Identity Protection PIN (IP PIN). This six-digit PIN acts as a layer of authentication to ensure that only your legitimate tax return is accepted. If a return is filed without the correct IP PIN, it will be rejected, preventing unauthorized filings in your name.

Initially, the IP PIN program was limited to victims of identity theft or those flagged by the IRS as high-risk individuals. However, the program has now been expanded to all taxpayers who wish to voluntarily enroll. The process is straightforward and can be completed in three ways:

  • Online: Use the government’s ID.me service to verify your identity. This option typically takes 15–20 minutes.
  • By Mail: Submit a paper application to the IRS.
  • In-Person: Schedule an appointment at an IRS office for identity verification.

Once enrolled, your IP PIN is valid for one year and cannot be reused. Each year, you can opt to receive a new PIN, providing an added layer of security. This feature prevents fraudsters from exploiting a stolen PIN even after its use in a prior tax season.

Best Practices for Taxpayers

For most taxpayers, opting for an annually renewed IP PIN is the ideal choice. This ensures you have updated protection each year without the need to manage multiple PINs simultaneously. If you ever misplace your PIN, you can retrieve it by logging into your IRS account using your ID.me credentials. To streamline this process, consider using a password manager to securely store your account credentials, including a strong, unique password for your government account.

By adopting these best practices, you can reduce the stress of tax season and protect yourself against fraud. For more information, visit the IRS’s FAQ page on the Identity Protection PIN program. This simple yet effective system offers much-needed peace of mind during the often overwhelming task of filing your US tax return.

Read more »
Tax Fraud
Cyber Attacks Identity Theft IRS Ransom Demands Ransomware attack sensitive data theft Tax Fraud

Teachers' Taxes Fraudulently Filed in Glendale Ransomware Attack

 

The Glendale Unified School District recently found itself at the center of a distressing situation when teachers, nurses, counsellors, and other faculty members received an unexpected notification from the IRS: their taxes had already been filed. What unfolded was a troubling revelation — the district had fallen victim to a ransomware attack, compromising sensitive data and leaving employees grappling with the aftermath. 

The attack, which occurred in December, targeted the school district's system, locking employees out and demanding a ransom for the safe return of their data. The stolen information included employee and student details such as names, addresses, dates of birth, Social Security numbers, and financial account information. As if that wasn't alarming enough, the breach's full extent became apparent when employees attempted to file their taxes, only to discover that fraudulent filings had already been made using their information. 

In the wake of the breach, at least 231 union members found themselves impacted, facing the arduous task of verifying their identities with the IRS to rectify the situation. The district took swift action, partnering with law enforcement agencies and cybersecurity experts to investigate the incident's scope and potential risks to employees and students. Despite the district's efforts to address the breach, some employees expressed dissatisfaction with the handling of the situation. 

Criticism centered around the perceived lack of transparency and timely communication regarding the breach. While the district maintained that it promptly informed the community about the incident and provided regular updates, employees felt otherwise, describing the information release as a "slow drip of updates." 

Amidst the fallout, concerns lingered about the compromised data's implications and the district's ability to safeguard against future attacks. School districts, while not prime targets for ransomware attacks, are vulnerable due to their extensive networks and numerous vulnerabilities. The complexity of securing these systems underscores the challenges faced by educational institutions in safeguarding sensitive information. 

Looking ahead, affected employees face an uphill battle in reclaiming their financial security, with the process of rectifying fraudulent filings expected to be prolonged and cumbersome. Despite assurances from the district and ongoing efforts to mitigate the breach's impact, the incident serves as a stark reminder of the ever-present threat posed by cybercriminals and the critical need for robust cybersecurity measures in educational institutions.
Read more »
Technology
Artifcial Intelligence CyberCrime Identity Theft Tax Fraud Technology

How Can You Safeguard Against the Dangers of AI Tax Fraud?

 




The digital sphere has witnessed a surge in AI-fueled tax fraud, presenting a grave threat to individuals and organisations alike. Over the past year and a half, the capabilities of artificial intelligence tools have advanced rapidly, outpacing government efforts to curb their malicious applications.

LexisNexis' Government group CEO, Haywood Talcove, recently exposed a new wave of AI tax fraud, where personally identifiable information (PII) like birthdates and social security numbers are exploited to file deceitful tax returns. People behind such crimes utilise the dark web to obtain convincing driver's licences, featuring their own image but containing the victim's details.

The process commences with the theft of PII through methods such as phishing, impersonation scams, malware attacks, and data breaches — all of which have been exacerbated by AI. With the abundance of personal information available online, scammers can effortlessly construct a false identity, making impersonation a disturbingly simple task.

Equipped with these forged licences, scammers leverage facial recognition technology or live video calls with trusted referees to circumvent security measures on platforms like IRS.gov. Talcove emphasises that this impersonation scam extends beyond taxes, putting any agency using trusted referees at risk.

The scammers then employ AI tools to meticulously craft flawless tax returns, minimising the chances of an audit. After inputting their banking details, they receive a fraudulent return, exploiting not just the Internal Revenue Service but potentially all 43 states in the U.S. that impose income taxes.

The implications of this AI-powered fraud extend beyond taxes, as any agency relying on trusted referees for identity verification is susceptible to similar impersonation scams. Talcove's insights underscore the urgency of addressing this issue and implementing robust controls to counter the accelerating pace of AI-driven cybercrime.

Sumsub's report on the tenfold increase in global deepfake incidents further accentuates the urgency of addressing the broader implications of AI in fraud. Deepfake technology, manipulating text, images, and audio, provides criminals with unprecedented speed, specificity, personalization, scale, and accuracy, leading to a surge in identity hijacking incidents.

As individuals and government entities grapple with this new era of fraud, it becomes imperative to adopt proactive safety measures to secure personal data. Firstly, exercise caution when sharing sensitive details online, steering clear of potential phishing attempts, impersonation scams, and other cyber threats that could compromise your personally identifiable information (PII). Stay vigilant and promptly address any suspicious activities or transactions by regularly monitoring your financial accounts.

As an additional layer of defence, consider incorporating multi-factor authentication wherever possible. This security approach requires not only a password but also an extra form of identification, significantly enhancing the protection of your accounts. 

Read more »
Tax Fraud
advance payment scams and money laundering Black Axe Gang Credit Card Fraud Cyber Crime cybercrime gang Email Scams Financial Fraud inheritance scams Interpol Tax Fraud

Operation Jackal: INTERPOL Shuts Down African Cybercrime Gang


A recent operation by INTERPOL on the West African cybercrime organization led to several bank accounts being frozen, with suspects detained and a series of financial investigations organized worldwide. 

Operation Jackal, conducted between May 15 and 29, apparently mobilized police forces, financial crime units and cybercrime agencies across 21 countries in order to launch a targeted strike on Black Axe and related West African organized criminal gangs.

As of now, more than 200 illicit bank accounts that were linked to online financial crime have been blocked, with several associated suspects arrested whose networks in cybercrime pose a severe threat to international security. 

“Organized crime is mostly driven by financial gain and INTERPOL is committed to working with our member countries to deprive these groups of their ill-gotten assets. This successful operation involving so many countries clearly shows what can be achieved through international cooperation, and will serve as a blueprint for concerted police action against financial crime in the future,” says Isaac Kehinde Oginni, Director of INTERPOL’s Financial Crime and Anti-Corruption Centre (IFCACC). “It also sends a strong message to West African crime networks that no matter where they hide in cyberspace, INTERPOL will pursue them relentlessly. The illegal activities of Black Axe and similar crimes syndicates will remain a priority for INTERPOL.”

In Portugal alone, four such investigations led to the accumulated seizure and recovery of around 1.4 EUR million.

A total of 34 suspects have been arrested in the Irish phase of the operation. Amongst these arrests, 12 were detained for investigative purposes and 22 on suspicion of money laundering and gangland-style offences. 

According to Deputy Head of the National Central Bureau of Dublin, Tony Kelly, ‘It became apparent early in the investigation that international cooperation and the use of INTERPOL’s analytical and coordination capabilities was essential to the investigation, and remains a pivotal element to the success to date and the ongoing investigation into this group.”

More such investigations have been witnessed across the world as intelligence agencies are putting efforts into investigating the issue.

Black Axe and other West African organized cybercrime syndicates are popular malicious gangs known for cyber-enabled criminal offences like financial fraud, mostly done by compromising company’s email systems, romance scams, inheritance scams, credit card fraud, tax fraud, advance payment scams and money laundering. 

Read more »
U.S
Banking fraud Cyber Crime Scheme Cyber Fraud Tax Fraud U.S

U.S. Charged Eight in $45 Million Cyber Crime Scheme

The United States Department of Justice charged eight people on Wednesday in connection with a racketeering (RICO) conspiracy. 

Following a multimillion-dollar fraud that took place, threat actors stole money from hacked accounts at banks and financial institutions, laundered it, and sent it overseas. 

The defendants, Dickenson Elan, Andi Jacques, Jenkins, Louis Noel Michel, Monika Shauntel Jeff Jordan Propht-Francisque, Vladimyr Cherelus, Michael Jean Poix, and Louisaint Jolteus, allegedly worked together to perform computer fraud and scams. 

According to the Department of Justice, the campaign was started in 2011 when threat actors began to gain access to accounts at 15 big financial institutions including Citibank, E-Trade, PayPal and TD Ameritrade, JP Morgan Chase, payroll processor Automated Data Processing (ADP), and niche organizations including the U.S. military's Defense Finance and Accounting Service. 

As per the data, the defendants along with others from 2015 and 2019, including a now-deceased conspirator referred to as Rich4Ever4430, banded together in a cybercrime and fraud scheme involving tax returns. 

The indictment claims, Jenkins, Michel, Propht-Francisque, Cherelus, and Rich4Ever4430, purchased on the dark web server credentials for Certified Public Accounting (CPA) and tax preparation firms and used the data to gain access and exfiltrate the tax returns of thousands of people. 

"Hackers only need to find one vulnerability to cause millions of dollars of damage," said Mark Rasch, a former federal cyber crimes prosecutor, based in Bethesda, Maryland. 

Overall, they have stolen more than $36 million in false tax refunds. The estimated loss surpasses $4 million however, the exact amount is yet to be confirmed. 

The eight defendants have been charged with conspiracy to commit wire fraud, conspiracy to commit identity theft, and conspiracy to commit money laundering. According to the law, defendants could face fines and up to 20 years in prison on each of the first two charges, and 15 years on the third. 

The case is referred as "United States of America v. Oleksiy Sharapka, Leonid Yanovitsky, Oleg Pidtergerya, Richard Gundersen, Robert Dubuc, Lamar Taylor, Andrey Yarmoltskiy and Ilya Ostapyuk," number 13-06089, at the U.S. District Court for the District of New Jersey.
Read more »
Tax Fraud
Child Identity Theft Cyber Crime Data Theft New York Tax Fraud

New York tax Fraudster Sentenced to 12 years in Prison for Child Data Theft Ring

 

A court in the United States has sentenced New York resident Ariel Jimenez to 12 years in prison for stealing the identities of thousands of children on welfare and using those identities to falsely claim tax credits on behalf of his customers. 

The clients of Jimenez exploited the stolen identity data which included names, dates of birth, and social security numbers to add the children fraudulently as dependents on their tax returns to receive a refund when they filed their taxes. 

Ariel Jimenez, 38, of the Bronx, New York started the fraud ring in 2007 and is believed to have made millions of dollars. With the assistance of his co-conspirators, Jimenez began to sell the identities of hundreds of vulnerable children (siphoned by a New York City's Human Resources Administration fraud investigator) to thousands of people profiting from this fraudulent operation. 

"While working at the HRA, CW-1 obtained children's names and identifying information from the Welfare Management System and sold those names to [..] the defendant," court documents explained. The investigation by IRS-CI has revealed that the defendants engaged in large-scale identity theft and tax fraud schemes through which (a) identifying information of minors, including names, dates of birth, and SSNs, was obtained, including through payments to a corrupt New York City employee." 

The fraudster demanded a cash fee, on top of tax preparation charges, to "prepare and file tax returns that falsely claimed that the individual taxpayer had one or more minor dependents, to take fraudulent advantage of at least one tax credit, thereby inflating the refund paid to the taxpayer." 

He used the profits from his tax fraud operation to acquire millions of dollars of real estate and fund his lavish lifestyle. By his own admission, JIMENEZ spent more than $5.5 million to buy worldwide real estate, cars, jewelry, and in gambling. 

The defendant was first arrested in November 2018 along with multiple co-conspirators, including his sisters Evelin Jimenez and Ana Yessenia Jimenez. He was convicted in February this year of aggravated identity theft, fraud, and money laundering crimes following a two-week jury trial. 

The judge in charge of this case sentenced the fraudster to 12 years in prison on Monday and ordered him to pay $14M in damages, turn over numerous properties, and pay over $44M in restitution. 

"Ariel Jimenez's tax and identity theft crimes cruelly forced his victims to endure bureaucratic snafus and agonizing delays for their much-needed tax refunds," U.S. Attorney Damian Williams stated earlier this year in February. 

"Today's sentence holds Jimenez accountable for brazenly selling the identities of children to his customers for his own profit," Williams further added.
Read more »
Subscribe to: Posts (Atom)