Tax - and Peak PII - Season is Here

Next: Poseiden and the Brazilian Data Deluge
Previous: Our Partnership with TRSS
As the deadline to file tax returns approaches in the U.S., we see a significant uptick in leaked PII.
Writer Emily W.
March 03, 2016

Emily serves as the VP of Research at Terbium Labs. With a background in International Relations, Emily alternates between quiet rants about Russian politics and foreign policy, while crafting blog posts about the realities of the Dark Web (hint: red rooms aren't real).

Tax season is upon us. In the midst of accountants marketing their services and non-stop emails incentivizing the use of tax software, personally identifiable information (PII) continues to appear in large dumps across the dark web. We’ve seen a sizeable increase in the presence of PII over the last month. The increase in PII as tax season approaches puts breach victims at an even greater risk for identity theft and tax fraud.

PII appears on the dark web in a variety of formats. Whether a simple email and password combination or a complete and detailed breakdown of personal and financial details, criminals require very little assistance to consolidate all of the information they need to conduct fraudulent activities. An email and password may seem innocuous in comparison to a detailed list of personal information, but gaining access to an account — whether an email account, a social media account, or a retail merchant account — gives criminals everything they need to piece together an identity. Missing pieces (a Social Security Number, a security question) can be sourced or sold on the dark web.

The most concerning PII dumps we see are the ones that remain unattributed to a specific source, group, or organization. Every day, Terbium Labs indexes many thousands of pieces of PII, of which only a tiny percentage is identified by the original poster or vendor. For every vendor claiming credit for the database they breached, or the music accounts they have for sale, there are thousands of dumps containing detailed PII, and no one (least of all the account holder) is the wiser. The IRS has already publicized two instances of tax fraud in their internal systems, which is only the beginning of the outbreak of tax fraud we anticipate over the next two months. We have even indexed database dumps belonging to online tax software companies - not the news you want to hear when you trust them with your personal information.

analysis March 20, 2019
Trends and Projections: Shifting Law Enforcement

For the first post in the Trends and Projections series, we unpack the increased law enforcement attention toward cyber-enabled fraud and the shift in resources allocated to taking down dark web communities trading compromised...

analysis January 24, 2019
Collection #1: Why You Should Care but Not Panic

January is not yet over and 2019 has already brought us the second biggest collection of stolen data in history. Unlike traditional data breaches, Collection #1 is actually a massive collection of smaller credential...