Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Scammers Send E-mails Supposedly from IRS to Load Dangerous Malware

U.S is now in its tax season, just time when Internet fraudsters have yet again started sending fake e-mails pretending to be from IRS (Internal Revenue Service) for carrying out phishing attacks. The most recent attack that Heimdal Security's researchers have discovered asserts as telling recipients they're about to get a tax reimbursement from the tax-collecting agency.

Heimdal Security's investigation team has found that the e-mails produce one extremely unusual type of payload through a file attached which makes Windows PowerShell active thus facilitating the downloading of CoreBot and Kovter.

Viewing the attached file while overlooking several alert messages causes the malicious program to infect the user's computer by using his rights, and incase of utilizing administrator account every day, the target user maybe prompted towards rethinking.

The scam electronic mail poses as being of a tax re-imbursement message; however, arrives carrying the CoreBot malware and Kovter Trojan. The latter is frequently used for delivering ransomware. It's slightly different as when downloaded the Trojan may reside within the registry instead of on the user's disk. Kovter as well resides on memory while utilizes the registry for persistently making sure it's installed inside memory each and every time the contaminated PC boots-up. DigitalTrends reported this, January 6, 2016.

Widely recognized banking malware, CoreBot is featured with filching critical login details. The threat is mainly proliferated within the U.K and U.S to steal Internauts' banking credentials.

The profusely distributed fake e-mail seems an IRS message with subject line: "Payment for tax refund # 00 [6 random numbers]" as well as carries one zip attachment named Tax_Refund_00654767.zip -> Tax_Refund_00654767.doc.js.

It's a popular technique to create IRS spam mails and use them for acquiring sensitive information from taxpayers. Such campaigns apply different techniques such as adding web-links leading onto malware serving pages, e-mails which assert as providing information for stimulus payment, or distributing corporate executive-targeted spear phishing electronic mails.

Thus, IRS earnestly wishes for reiterating that it won't ever get in touch with anybody over e-mail, text message alternatively, social media. So taxpayers require being more cautious about any IRS electronic mails which arrive within their mailboxes this tax period.

ยป SPAMfighter News - 1/11/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page