Risk & Security

Cybercriminals spoof major accounting and payroll firms in tax season malware campaigns

As April 15, the US tax-filing deadline, swiftly approaches, cyber-criminals are taking advantage of the season.

In monitoring tax-related malicious activity, researchers found that threat actors have been using the financial malware TrickBot to impersonate companies, including ADP and Paychex.

“These campaigns attempted to deceive recipients into believing they were emailed by large accounting, tax and payroll services firms and carried malicious Microsoft Excel attachments,” IBM’s John Zorabedian, Dr. Martin Steigemann and Ashkan Vila wrote in today’s blog post.

“The size of the spoofed firms suggests the criminals are likely to have some success in snagging individual users and businesses that are customers of these well-known companies.” All three of the sample emails that were analyzed were written in English, indicating that the attackers were targeting victims in the United States.

Read entire post TrickBot used in tax season email spoofing | Kacy Zurkus | InfoSecurity
Advertisements

Comment here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s