Beware of phishing in the Income campaign

Tomorrow, April 6, the 2021 Income and Heritage campaign begins in Spain. It’s time to catch up with the Treasury and the easiest way is using the Internet. But beware, cybercriminals are on the prowl and take advantage of any opportunity to distribute malware, such as an active phishing campaign that uses as argument “Irregularities in the payment of taxes” to steal personal and financial data from citizens.

The 2021 Income and Wealth campaign begins tomorrow for the filing of returns online in a campaign that will last until June 30. The Tax Agency makes available to taxpayers drafts of the same that should always be thoroughly reviewed in case you can add deductions that correspond to you. To access the drafts and/or statements online You need to identify yourself to the agency on its website or application in the following ways:

  • Electronic certificate or electronic DNI.
  • With the Cl@ve PIN system.
  • Through the reference number.

For this year’s campaign, workers who obtained income of less than 22,000 euros per year from a single payer. Even so, it is convenient to download the draft and assess the presentation if we want to recover the withholdings made.

As for the novelties of the campaign, they highlight the new section for cryptocurrencies where we will have to assign the balances in virtual currencies or other gains and losses that derive from the transmission of assets, from any operation that we have carried out with cryptocurrencies since July 11, 2021, provided that they have generated returns. There is also a modification in the tax scale, as well as new deductions that we can practice. You have information about all this on the website of the Agency dedicated to the 2021 Income Campaign.

Phishing in the Income campaign

Cybercriminals take advantage of any opportunity to distribute malware and if it is a massive campaign like the one we are dealing with, where millions of taxpayers will use the Internet to catch up with the Public Treasury, the better. In fact, the annual income tax return campaign is a preferred time as we have seen in previous years. Especially through phishing, the second most dangerous type of computer attack after Ransomware.

This year is not going to be any different and the security firm Bitdefender has identified a malspam campaign targeting European users which uses irregularities in the payment of taxes as an argument. Attackers send Windows and Android device users messages alerting them to unpaid amounts. These messages contain the LokiPWS Trojan, capable of stealing data such as username, password, cryptocurrency wallet information, and other credentials.

The messages use the name and image of the agencies in charge of tax collection and they ask to consult an attached file to access information about an alleged non-payment in VAT returns. This file is usually called “value added tax obligation.rar” or “VAT payment default1.rar”.

It is just an example of what awaits us. It must be said that the official bodies They will NEVER ask for this type of data taxpayers nor, of course, should you pay any attention to them. Unfortunately, this type of attack is still highly effective as it only requires a part of the users to fall for its “bait” and “bite” to obtain profitability.

The recipes against phishing, whether in the income campaign or any other, are known:

  • NEVER respond to unsolicited messages from official bodies.
  • NEVER provide bank details, PIN codes or passwords.
  • Be suspicious of messages with spelling and grammatical errors, although criminals make an effort to create them as accurate as possible.
  • NEVER open attachments or click on links in the body of email messages that do not offer maximum security.
  • Always use unique and complex passwords for each of your accounts and enable two-factor authentication whenever possible.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *