According to the Websense, tax-related spam is starting to rise, especially now that the US tax return season has also started.
The most recent attacks, says Websense, are mainly form-based and the company's research teams are seeing these arriving in several varieties, but the main one is a request for the recipient to complete an attached HTML form or zipped file containing an HTML form.
"Given that it is tax season, this phishing attack often takes the form of welcome news: it purports to be an email notification from the tax office indicating a refund", said Websense in its latest security blog.
"As usual, spammers are keeping abreast with the important events of the season, and know that January is when the public usually submits returns and starts getting refunds", it added.
The form-based approach, says Websense, is a slight variation as it seems that the spammers don't seem to be restricting themselves to the usual direct links to phishing sites to lure unsuspecting recipients to divulge personal details.
"Form-based attacks are a type of phishing. Instead of using a link to take the recipient to a phishing site, they include a form that the user is asked to complete. When the user completes and submits the form, the details are sent to the attacker", says Websense.
The company has posted a helpful video showing how form-based attacks work.