Tax on streaming services (and more) progresses in Louisiana
Estate tax planning tips as Trump 2.0 is set to take over

2 men charged in Trojan horse hack of tax professionals

Trojan_Horse_replica_Turkey_Turkish-Archaeological-News-1
The modern wooden replica of the Trojan Horse, created in 1975 by the Turkish architect İzzet Senemoğlu, stands today at the ruins of Troy archaeological site in Turkey. (Photo: Turkish Archaeological News)

Two Nigerian men, one living in North Dakota and the other in Mexico, have been charge with in connection with a scheme to allegedly steal client information from several Massachusetts tax preparation firms’ computer networks.

Federal investigators allege that once the duo got the tax data, they filed fraudulent returns and had the associated false tax refunds deposited in bank accounts the pair controlled.

In total, the scheme’s co-conspirators allegedly filed more than 1,000 fraudulent tax returns that claimed more than $8.1 million in false tax refunds over approximately five years. Of that amounts, federal officials say the alleged scheme participants successfully obtained more than $1.3 million in fraudulent tax refunds.

Scheme charges finally revealed: The scheme was implemented between June 2016 and June 2021, according to the Department of Justice (DoJ), but details were kept under wraps until last week.

The DoJ unsealed the documents, with details on the alleged scheme by the pair, on Nov. 13 after one of the men was arrested in October at Heathrow Airport in London at the request of the United States.

U.S. officials says they will be seeking extradition of Matthew A. Akande from the United Kingdom to face the alleged tax crime charges.

Akande, who lived in Mexico when the charges were filed, was indicted by a U.S. federal grand jury in Boston on July 19, 2022, on a variety of charges. They include —

  • one count of conspiracy to obtain unauthorized access to protected computers in furtherance of fraud and to commit theft of government money and money laundering,
  • one count of wire fraud,
  • four counts of unauthorized access to protected computers in furtherance of fraud,
  • 13 counts of theft of government money, and
  • 14 counts of aggravated identity theft.

His alleged partner, Kehinde H. Oyetunji of North Dakota, pleaded guilty in federal court in Boston on Dec. 22, 2022, to one count of conspiracy to obtain unauthorized access to protected computers in furtherance of fraud and to commit theft of government money, and money laundering.

Oyetunji’s case details also were sealed until last week. His sentencing is pending.

Phishing RATs: The information used to file the fake returns allegedly was stolen from Massachusetts tax preparation firms that fell victim to phishing attacks and subsequent computer intrusions.

Phishing emails were sent to five Massachusetts tax preparation firms, purporting to be from a prospective client seeking the tax preparation firms’ services. Instead, according to the court filings, the emails were the delivery mechanism of malicious Remote Access Trojan, or RAT, software.

RATs are designed to look like legitimate remote access tools, but they're actually programmed to stay hidden and perform tasks without the user's knowledge. Hackers can trick users, hence the Trojan horse reference, into downloading the malicious software that is sent as an email attachment or a link on a seemingly legitimate website.

Federal officials say that in the Massachusetts cases, Warzone RAT malware was downloaded, allowing the accused to allegedly obtain personal information and prior year tax data of the tax prep firms’ clients.

Tax Felon Friday: As this just revealed case shows, anyone or any company can become a hacking victim.

When it involves tax data, the crime can cause problems for legitimate taxpayers — and their tax preparers whose systems were compromised —  who don’t learn their info has been stolen until they go to file their returns.

If you suspect your business has been the target and/or victim of a cyberattack, file a complaint with the Internet Crime Complaint Center at www.ic3.gov.

Taxpayers and tax preparation firms that suspect they have been the target and/or victim of a phishing attack can also forward phishing email(s) to [email protected].

All us taxpayers who are handing over our critical tax data to tax pros also need to be aware of tax security. You can find more posts on avoiding and recovering from tax-related criminal activities in the ol’ blog’s tax scams and identity theft categories. Here are a few to get you started:

And if you want to catch up on tax miscreants who have been charged and/or convicted, a good place to start is the special Tax Felon Friday page.

You also can find tax crime posts, notably those that were published long before I gave them a special end-of-week feature moniker, in where else, the ol’ blog’s tax crimes category. You'll find this post at the top of that collection right now, so just scroll down for more.

 

Advertisements

🌟 Search Amazon Electronics 🌟
The text link above is an affiliate ad. If you click through and then buy a product, I receive a commission.

 

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)