Scammers capitalizing on tax season to spread Zeus

Share this article:

Cybercriminals have been capitalizing on tax season by sending messages that appear to come from the Internal Revenue Service but actually lead to the data-stealing trojan Zeus, researchers at anti-virus firm Trend Micro warned Thursday.

The messages ask users to follow a link and review their tax statement to fix errors related to unreported or under-reported income, according to Trend Micro. The URL leads users to a variant of Zeus, which steals information from compromised systems and sends it back to attackers.

With the tax deadline nearing, these types of scams are likely to ramp up, US-CERT warned on Thursday. Other phishing and malware campaigns taking advantage of tax season could include offers to help recipients file for a refund or details about fake e-file websites.

The IRS last week warned users about phishing, as part of its annual “dirty dozen” list of tax scams. Scammers will try and obtain users' personal information by impersonating the IRS in emails, tweets and phony websites, the agency warned. For example, scammers will likely tell consumers they are entitled to a tax refund, but they must reveal personal information to claim it.

“Taxpayers should be wary of anyone peddling scams that seem too good to be true,” IRS Commissioner Doug Shulman said in a statement. “The IRS fights fraud by pursuing taxpayers who hide income abroad and by ensuring taxpayers get competent, ethical service from qualified professionals at home in the U.S.”

Taxpayers who receive a message claiming to come from the IRS should not open any attachments or click on any links, the IRS warned.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.