Targeted Irs E-Mail Scam Chooses Organizations

ESoft, the security company is warning consumers to remain vigilant of an ongoing phishing scam. Appearing similar to the ordinary Internal Revenue Service e-mail scam, the recent malicious campaign, however, has a fresh twist. It distributes targeted e-mails among organizations, informing the recipient that certain complaint related to tax evasion has been lodged against the organization.

Explains Patrick Walsh CTO of eSoft, if any user opens a given attachment in the scam e-mail, then his system will be infected with a malicious Trojan. InfoSecurity reported this on February 8, 2010.

Apparently, users feel inclined towards viewing the e-mail because it contains an attached document named "balance report." Being a Microsoft Word file, the attachment gains the trust of most users, who move ahead to click on it for more information.

But, the file in reality uses the Rich Text Format and has an obfuscated executable. When clicked, a message appears that there was an error so the user must click again for starting the Word program. However, when the user does so, it results in the malicious executable's installation on his system.

Consequently, there begins to run two processes, which are appended to Windows startup for running whenever the system boots. According to eSoft, these processes transmit stored data from the computer to the remote hacker with the help of HTTP connections.

Since the attack is malicious, Walsh suggests end-users to exercise caution while handling supposed warnings or reminders apparently from the IRS.

Meanwhile, IRS again repeated that it wouldn't ever contact its users through electronic mails. Consequently, it tells both individuals and organizations that if an e-mail comes to them stating it's from IRS alternatively takes them onto an IRS website then they must avoid clicking it at the very outset.

Secondly, users mustn't click on any unknown attachment since it may have malware. Also, they must forward the e-mail to IRS and then delete it. Affected entities can as well use IRS' toll-free numbers to notify the phishing fraud.

Lastly, organizations already affected with the e-mail scam should scan their computers with anti-virus software so that the infection doesn't spread further.

Related article: TRUSTe Certified Websites May Still Contain Malware

» SPAMfighter News - 18-02-2010

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial