It is the time of the year when people get anxious and stressed about their tax documents. This is also one of the most targetted parts of the year by hackers and phishing attackers.
The bad guys try to fool you in to thinking that you are receiving tax documents, but instead it unleashes malware on your system.
The new ransomware phishing campaign is designed to take over users computers when they click on the documents and links, steal personally identifiable information. Worst case scenario is to go as far as rerouting and stealing tax refunds.
Hackers try to capitalize on your anxiety, being in a hurry or just plainly old tired to get the best of you.
Most of us have received an email like this before. But this is how the new scam works. They would normally say the email is about your taxes and it would appear to have tax documents. When you open the attachment, it would appear a bit blurry and say “Can’t view the content?”
I will tell you to click “enable editing” on a menu bar – by doing so, the malware will be allowed to run on your computer. Just like that, hackers can search for personal data, take over the tax filing process, or even jump from a user’s personal computer to a work machine they may also be using at home depending on how your computer is configured.
There is no head count yet how many people have been sent or has been targeted by this email phishing campaign.
These kind of attacks are seasonal and they just adjust it depending on what is trending in the news headlines or calendar.
Each and every single time, they try to make it look legit. For example, most people would try to open stuff if they see it is from the IRS since it makes people nervous and would like to make sure they do things right. During these moments of confusion or anxiety, you sometimes forget to think twice and just open it up. There goes your computer being infected due to lack of scrutiny or due diligence.
Two remote access trojans are released to your computer called Nemcos and Network. These are notorious Malware as a service code.
Meaning they sell the malware and “If you don’t know how to use it, they’ll explain how to use the malware. Some even have multi-lingual support so you can get the most money from your hacking and phishing campaigns.
That is how structured hacking is nowadays. People sell malware and other people run it and they just get a certain percentage for every successful hack.
In this scenario, they probably have sent millions of emails as Tax Day approaches
Tax Day postponed in the U.S. to May 17 from the traditional April 15 thus giving more time for bad guys to spread mischief and theft with a bigger profit margin.