In case you missed it, Tessian recently published a blog around the most common types of Tax Day scams in both the US and the UK.
Unfortunately, though, these aren’t the only opportunistic phishing attacks bad actors are carrying out this time of the year. They’re also launching Census scams.
As they do in Tax Day scams, cybercriminals will be impersonating government agencies. In this case, you’ll find they’re generally impersonating either the U.S. Census Bureau or an agent, or a third-party agency working for the U.S. Census Bureau.
Hackers have a range of threat vectors they can use to carry malware or gain access to sensitive information. In the past, we’ve seen attacks via email, phone, social media, job boards, and even traditional mail.
The common thread between all of these attacks is the request for sensitive personal information like home addresses, social security numbers, ethnicity and information related to the members of your household. This information could be used to make you a victim of identity theft.
It’s important to remember that attacks may not ask directly for this information and may instead direct you to another webpage or portal via a link or QR code.
In this post, though, we’ll focus on email scams.
Because it’s mandatory for all households to participate in the census, every US resident over 18 years of age is at risk of being targeted. That means that over the next several weeks, everyone in every state needs to exercise caution when responding to a request for personal information that appears to be coming from the U.S. Census Bureau or an affiliated individual or organization.
While it’s true that attackers use different tactics and capitalize on different moments in time to trick their targets, individuals should always follow the same guidelines if they think they’ve received a fraudulent request for information, whether by mail, email, SMS, or another online forum.
The best way to stay safe is to stay informed.
The Census Bureau has issued its own advice on how to stay safe from phishing scams online and over the phone. Read their tips here.