The Internal Revenue Service (IRS) has issued an urgent warning to car dealers and sellers across the United States, highlighting a surge in sophisticated phishing and smishing scams targeting the automotive industry. These cyber threats pose a significant risk to the daily operations of businesses, potentially leading to severe disruptions.
The warning follows a recent ransomware attack on CDK Global, a software provider for car dealerships. This cyberattack affected approximately 15,000 dealerships nationwide, crippling their scheduling, sales, and order systems. Some dealers were forced to revert to manual processes to continue their operations. In response to the attack, CDK Global reportedly paid a $25 million ransom to regain control of their systems.
According to the IRS, scammers are increasingly impersonating the agency to extract sensitive financial and personal information. These fraudulent communications often come in the form of emails or text messages, urging recipients to click on suspicious links, download malicious files, or provide confidential details. The IRS emphasised that such tactics are a "favourite" among cybercriminals.
Recommendations for Protection
To safeguard against these scams, the IRS provided several recommendations for both businesses and individuals:
1. Stay Alert to Fake Communications: Be cautious of unsolicited messages that appear to come from legitimate organisations, friends, or family. These messages may impersonate banks or other financial entities to deceive recipients into clicking harmful links.
2. Avoid Clicking Unsolicited Links: Never click on links in unsolicited emails or text messages, as they may lead to identity theft or malware installation.
3. Verify the Sender: If you receive a suspicious message, verify its authenticity by contacting the sender through a different communication method. Do not use contact information provided in the unsolicited message.
4. Do Not Open Attachments: Avoid opening attachments in unsolicited emails, as they can contain malicious code that can infect your computer or mobile device.
5. Delete Suspicious Emails: To prevent potential harm, delete any unsolicited emails immediately.
Vigilance is Key
The IRS stressed the importance of vigilance in the face of these evolving cyber threats. By following the recommended precautions, car dealers and sellers can reduce their risk of falling victim to phishing and smishing scams. As cybercriminals continue to refine their tactics, staying informed and cautious remains crucial for protecting sensitive information and maintaining business continuity.
Facebook's parent company, Meta, has recently shut down two cyberespionage efforts on its social networking networks. Bitter APT and Transparent Tribe threat groups were behind these campaigns. Both groups have been based in South Asia.