Cybercriminals are taking advantage of the latest round of IRS payments being sent out to families across the US by launching dozens of credential harvesting sites masquerading as American Rescue Plan Act signup sites, according to a new report from DomainTools.

Last week, the IRS began sending out the first round of child tax credit payments that were part of the larger American Rescue Plan Act passed earlier this year. The payments will be sent automatically by the IRS and require no sign-up. 

But cybercriminals have created a maze of associated websites all aiming to trick people into entering their personal information by pretending to be associated with the child tax credit payments, DomainTools’ Chad Anderson explained. 

Anderson said that by analyzing historical WHOIS information and OSINT techniques, the cybersecurity company was able to tie this…

Read more…