Cybercriminals spoof major accounting and payroll firms in tax season malware campaigns

As April 15, the US tax-filing deadline, swiftly approaches, cyber-criminals are taking advantage of the season.

In monitoring tax-related malicious activity, researchers found that threat actors have been using the financial malware TrickBot to impersonate companies, including ADP and Paychex.

“These campaigns attempted to deceive recipients into believing they were emailed by large accounting, tax and payroll services firms and carried malicious Microsoft Excel attachments,” IBM’s John Zorabedian, Dr. Martin Steigemann and Ashkan Vila wrote in today’s blog post.

“The size of the spoofed firms suggests the criminals are likely to have some success in snagging individual users and businesses that are customers of these well-known companies.” All three of the sample emails that were analyzed were written in English, indicating that the attackers were targeting victims in the United States.

Read entire post TrickBot used in tax season email spoofing | Kacy Zurkus | InfoSecurity

Leave a comment

%d bloggers like this: