According to reports, the Internal Revenue Service (IRS) paid an amount of $65,000 to Flashpoint Intelligence in order to gain access to firm’s platform and API. This was done in order to pull out intelligence from the darknet about cyber-criminals. Although the precise services the firm provided is unclear, some documents acquired by the Vice’s Motherboard through a Freedom of Information Act (FOIA) request, showed that the agency has been contracted to use the services between September 1, 2016, and June 31, 2017.
There is more than one reason why the IRS may have used the services of Flashpoint, Ajay Arora, chief executive officer (CEO) and co-founder of Vera, told reporters.
“The dark web is a huge bastion of criminal exchange of PII and PHI obtained illegally and put out there for purchase,” Arora said. “Amongst a whole vast range of other criminal activity and black money.”
The senior director at Cyphort Labs Mounir Hahad told reporters that the agency may have taken a step to fighting identity theft.
“It is relevant for the IRS to be aware of compromised identities which usually end up for sale on the dark web,” Hahad said. “These identities can be used to submit fraudulent tax returns in order to cash in on tax refunds. The IRS could, for instance, put on a watch list any social security number that ends up on the dark web.”
Nick Bilogorskiy, senior director of threat operations at Cyphort, gave speculations the IRS wants to take a close look on darknet for intelligence which is related to actor groups that may try to cause harm to the agency.
“Flashpoint is one of the best threat intelligence providers,” Bilogorskiy said. “I imagine they have intelligence related to phishing and malware.”
The IRS saw a big spike in phishing and malware incidents during the 2016 tax season. There was roughly a 400% surge.He continued by saying that, the IRS itself experienced a breach in 2015 when the data of 700,000 taxpayer accounts slipped through their hands. John Koskinen, the IRS Commissioner then told lawmakers that there are over a million malicious attempts each day trying to breach the department’s computer.
He continued by saying that, the IRS itself experienced a breach in 2015 when the data of 700,000 taxpayer accounts slipped through their hands. John Koskinen, the IRS Commissioner then told lawmakers that there are over a million malicious attempts each day trying to breach the department’s computer. The discoveries also underline the increase in numbers of agencies who are paying threat intelligence firms for information as reports suggest that the U.S Customs Police last year, paid $150,000 to Flashpoint for the firm’s monitoring of dark web.
Flashpoint refused to offer comments on the specific services provided. Flashpoints take the privacy of its customers “very seriously,” the firm told reporters. “While this information is public via FOIA, and we are transparent about the verticals that we support, we do not comment on customer matters, whether private or public sector.”
There have been many cases where hackers have compromised and sell tax information of American Citizens on the dark web.
Moreover, recent reports show that tax records of American citizens are being released and sold on the darknet for $20 per W-2. Tax scams such as these are increasing as the tax season closes. Scammers and hackers have resorted to the use of advanced tools and ultra-modern software to illegally obtain sensitive financial and personal information to file fraudulent tax refunds.
Before the dark web was commercialized and adopted, it was difficult to monetize these sets of financial information. Unidentified dark web marketplaces unlocked a new market for cyber criminals and hackers. Ideally, scammers and hackers, to undertake illegal activities such as initiating in illegitimate tax returns, they can just sell batches of findings they obtained and acquired on a dark web marketplace.
Scammers with low tech understanding usually buy these sets of data on dark web marketplaces and then run their own fraudulent activities. As one investigative journalist and reporter puts it, scammers on the dark web are “preparing to file fraudulent tax refund requests on behalf of millions of Americans.”
In early February, this investigative journalist discovered a dark web marketplace which was engaged in the selling of sensitive information as well as personal data including PayPal accounts, bank account information and other personal profiles from financial service providers.
Unlike other dark web marketplaces, this precise cybercriminal shop had a section named “W-2 2016” which is more generally known as Form W-2. This short form for Wage and Tax Statement is an Internal Revenue Service (IRS) tax form which is used in the US to report wages paid to employees.
He went on to say: “This particular shop — the name of which is being withheld so as not to provide it with free advertising — currently includes raw W-2 tax form data on more than 3,600 Americans, virtually all of whom apparently reside in Florida.”
With this information available, scammers can then apply to tax returns prior to the individuals who happen to be on the list sold in the dark web marketplace. If they thereafter process the tax returns earlier, individuals on the list will suffer the rejection and denial of their permission to receive their returns by the IRS.
Many analysts predict a massive increase in fraudulent tax return cases in weeks to come. They attributed this to the fact that darknet sellers and scammers are becoming increasingly active.