AppRiver Detects Malware-Ridden Spam Mails Supposedly from IRS
Researchers from AppRiver, a security company, warn that a fresh spam outbreak delivering malware while abusing the Internal Revenue Service's name is currently spreading widely online, attacking unwitting people.
Notably, the Internal Revenue Service (IRS) is an agency of the U.S. government that collects taxes and enforces tax laws.
Using "Federal Tax Report" as its header, the spam mail tells the recipient that arrears are considered due in his name for the period 2010-11, and that the calculations of his financial debt are provided within the e-mail.
The message then signs off with "Sincerely, IRS", apparently to make the entire fraud appear classy and the agency appear more benevolent, the security researchers from AppRiver remark.
Additionally, AppRiver states that it tracked 10,000 spam mails from the attack and isolated them every hour over the recent period, and that every e-mail had an attachment called Calculations_#54585.zip.
This attachment carried an executable file named calculations.exe which, if run, created a backdoor that communicated with falcononfly2006.ru through GET web traffic on port 80. Another piece of malware, detected as Trojan.Yandere, then emerged from that communication and was planted through the backdoor. The Yandere Trojan was connected with the widely known scareware, or fake anti-virus, group of malware, the researchers explained.
Fake anti-virus software continuously warns end-users that their computer is infected and that they must pay a fee to remove the virus or rectify the error.
Unfortunately, according to the security researchers, incidents of this kind are the reason malicious software online has increased during recent months. This observation is fully backed by Symantec, another security company, whose Symantec Intelligence Report for September 2011 shows that 1 e-mail out of every 188.7 during the month had malware, accounting for a 0.04% rise from August 2011.
Thus, to remain safe from such scams, the researchers urge end-users never to open e-mail attachments that appear suspicious, and instead to delete the messages instantly. Moreover, they should use an anti-virus that's kept up to date and run a system scan once or more every month.
» SPAMfighter News - 14-10-2011