Hackers Hide Malware in Dubious IRS Notices

Two latest Trojan horse plans use emails, which claim to be coming from IRS (Internet Revenue Service) investigation.

On Thursday, May 31, 2007, IRS cautioned against two fake plans that use the brand name of IRS and tries to convince the users to download harmful Trojan horse software on their PC.

By seeing the legalese in the content of message, some users open the attachment. The attachment is known as COMPLAINT.rtf. As per security vendor, Symantec, this attachment is nothing else but a new type of Trojan horse termed as Backdoor.Robofu.

In the first scam, the email reports to come from IRS criminal investigation division for filing a false tax return against the victim. Deadly software comes in the form of IRS's complaint which attempts to download itself on PC and gives criminal a clear chance to access the user's PC. The second email scam is a complaint against the user's "business or service" and tells them it will be settled by IRS.

The IRS suggests the people not to open the link or attachment. They ensure them that IRS never sends unwanted emails or asks for any personal or financial data, for e.g., password or PIN number for bank, credit cards or any financial accounts.

An IRS spokeswoman, Lamishaw, said in the news published by Computer World on June 4, 2007, certainly IRS does not send any unwanted email and if at any time a user receives an unexpected email, it is sure to be a tricky and false mail.

Last year (2006), when the mailbox was opened, IRS had received almost 17,700 mails from taxpayers claiming almost 240 scam or phishing incidents. Over the last few days, taxpayers have started to deposit many samples of email messages to the company's phishing@irs.gov scam reporting mail address. This has helped IRS to become more aware about both scams.

Acting IRS commissioner, Kevin M. Brown said that all of us should become alert of these scam emails. On May 31, 2007, Wbir advises that uninvited mails or mail from unknown id should be deal cautiously.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 6/14/2007