Filing your taxes electronically is certainly easier than doing so the old-fashioned way but taxpayers that used the tax preparation service eFile.com over the last few weeks could have been exposed to malware.
In a Reddit post from March 17, a number of eFile.com users voiced their concerns that the company’s website may have been hijacked after an SSL error message began appearing on the site.
The fake error message said that “The site can’t be reached” while warning users that the current version of their browser “uses an unsupported protocol." It also contained a link that eFile.com customers could use to update their browser.
At this time though, the full scope of the incident including how many eFile.com customers may have been successfully infected with malware is unknown. Likewise, the company has yet to release a statement on the matter.
However, the LockBit ransomware gang did say that it had hacked eFile.com back in January which would have given the cybercriminal group more than enough time to prepare and launch an attack on the company’s customers.
How to stay safe when filing your taxes online
If you did use eFile.com to prepare your tax return between March and April of this year, you may have accidentally installed malware on your Windows PC thinking your browser did require an update.
If this is the case, you can use the best antivirus software to thoroughly scan your system for any signs of a malware infection. It may also be worth signing up for one of the best identity theft protection services as they can help you regain lost funds in addition to recovering your identity.
Despite this recent attack on eFile.com, filing your taxes electronically is still the easiest way to do so for most people. However, you want to thoroughly research any tax service you plan on using and even if it costs a bit more, it’s worth going with a well-known provider like one from our list of the best tax software since so many personal and financial details are included when filing your taxes.
We’ll likely hear more about this incident once eFile.com decides to release a statement, though the company could be forced to issue a data breach notification to affected customers as well.