From Tax Refund to Total Compromise: IRS-Themed Phishing Email Drives Full-Stack Financial Fraud

Cofense Intelligence describes a multi-stage IRS/Elon Musk-themed phishing campaign offering a fake $5,000 tax refund that redirects victims to credential-phishing pages and a fraudulent cryptocurrency marketplace; attackers exfiltrate form data via a Telegram bot and then solicit photo IDs and bank details to enable identity theft and direct theft via ACH and required Bitcoin deposits.