back to article April brings tulips, taxes ... and phisherfolk scammers

The last few days of America's tax season are stressful enough, dealing with deadlines and, increasingly, online scams. Now comes another one, a sophisticated and ongoing phishing campaign by a threat group dubbed "Tactical#Octopus" that is using tax-related lures to spread malware. Threat researchers at cybersecurity firm …

  1. Paul Crawford Silver badge

    Don't Americans have the equivalent of PAYE so employers do the tax work up-front, and employees only have to do something if they have other or unusual jobs?

    1. Cxwf

      We do not. Or I guess you could say we do, but it’s an intentionally crippled version with very limited functionality so as not to compete with the paid tax service providers.

      And the paid providers actually do offer pretty good service, it’s just…not free.

    2. David 132 Silver badge

      Not really. For most employees, tax is withheld each month by the employer, and then come Tax Day the next April, the employee has to use either tax software (free, online, or not) or a paid tax accountant to reconcile that amount of tax with what they actually owe. The amount withheld can be adjusted; if the employer withholds too much you get a nice refund cheque from state or Federal, and if not enough has been withheld you're the one writing the cheque for the difference. You have to factor in interest paid on bank accounts, mortgage payments (we still have tax relief on mortgage interest; in the UK it was known as MIRAS but phased out when Major & Blair decided it was too much of a perk for the middle classes), dividends, business expenses and so on. Add to that the fact that there are federal taxes, state taxes, and if you're particularly unlucky city/county taxes too, and it's a hot mess.

      Personally I dump all my paperwork each year onto a really nice tax accountant who in return for a very reasonable fee of a couple of hundred dollars, takes care of it all for me. Life's too short to do it myself.

    3. Mr Dogshit


      Why that sounds like SOCIALISM!

    4. JimboSmith Silver badge

      No, and one of my friends in the USA says they prefer our PAYE system. I was sent a text telling me that HMRC owed me money and I should click the link to claim. As I hadn’t actually submitted my taxes (or more accurately my accountant hadn’t) HMRC owing me money was unlikely. I reported it as SPAM to my mobile phone company and went back to more serious matters…….That money in Nigeria that the Prince needs to get out of the country with my help won’t move itself……or so he tells me anyway.

  2. Anonymous Coward
    Anonymous Coward

    For the encrypted zipfile malware,

    seems like there's a very simple mitigation. Any password-protected zipfile gets automatically quarantined by the email server (email itself still arrives), and the recipient has to explain to IT who sent it, why, and what's in it - and IT approves the explanation - before IT releases the file.

    Won't work for personal email, obviously, but would at least protect companies.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like