Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Malware Purveyors Launch Fresh IRS-Related E-Mail Scam

Investigators from Trend Micro the security company caution that bogus IRS (Internal Revenue Service) e-mails are circulating online while they pose as messages from "Payment IRS.gov" and contaminate people's computers with malware.

Bearing the caption "Internal Revenue Service United States Department of the Treasury," the malicious electronic mail tells the recipient that he has committed tax fraud. In this connection he should examine his tax statement by following a given web-link to the IRS site. But when the user follows the web-link, he's prompted for taking down one newly launched LICAT variant, which Trend Micro identified as TSPY_ZBOT.WHZ.

Amazingly, similar to any LICAT sample, TSPY_ZBOT.WHZ produces Web-addresses with the help of a computation keeping the present date as base. It (the Trojan) links up with the Web-addresses so the configuration file associated with it can be downloaded. The file, reportedly, consists of information regarding the Internet sites which it'll keep watch on along with the website onto which it'll transmit all stolen info. What's more, the malware as well seems like focusing on the standard activities of ZBot which include stealing of data as well as attempts at bypassing detection by anti-virus software.

Unluckily, the LICAT malware, which security researchers have found on the Web isn't surely the last sample detected.

Roland dela Paz, Engineer at Trend Micro said that following the leakage of the source code of Zeus, the company had been observing persistent malevolent activity from the LICAT gangsters also called ZeuS Gang. Until now the gang had managed in working with the exposed source-code as well as making it up-to-date. Thus the con artists responsible for such operations, most decisively required monitoring on, while they couldn't be expected for exiting from the cyber-crime scenario over the near future, Roland remarked. Blog.trendmicro.com published this on July 27, 2011.

Eventually, for lessening such assaults, researchers recommend end-users that they mustn't follow any web-link, which come through inbound e-mails since it might have malicious software similar as in the above mentioned instance. Furthermore, they should forward such doubtful messages at phishing@irs.gov the e-mail id of IRS before trashing them permanently.

Related article: Malware Authors Turn More Insidious

ยป SPAMfighter News - 8/8/2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page