Online criminals are often known to use big time events to scam people and steal their money or information.
With the US tax deadline approaching, the cybercriminals are once again preparing to strike through the use of many methods, including malware scam and also the method called phishing.
With most of the US population aiming to do their taxes during the following month, the hackers are getting creative. They will often pose as online tax experts or even the tax collectors, in order to get your information and gain access to your online possessions. Because of this, the IRS issued a warning on phishing scams, to help the taxpayers avoid the last minute e-mail scams that the Microsoft Malware Protection Center has identified.
One of the tactics used by these hackers is sending an e-mail where they claim to be tax specialists and then try to spook the victim into clicking the link that they provided. They claim that the link will lead them to the tax report, but these ‘reports’ are, of course, nothing more than the phishing pages used by the hacker to steal your data. The hacker will try to convince the taxpayer that the time limit for their payment has been cut short so that the confused victim will hand over their data without even realizing what’s going on.
Another of the tactics often used by the cybercriminals is pretending to be the IRS. They send the Microsoft Word document and claim it’s ordered to attend court, hoping to play on their victim’s fear.
The instructions contained within the message say that the receiver should download the document and enable editing in order to see the content. If this is done, the process is started that downloads a Zdowbot Trojan malware onto the machine used to view the document. This malware, once installed, allows the hacker to follow every action done on the infected computer, and also gives them the option to download and install even more malware.
You’d think that these hackers only target the taxpayers, but no! They’re also targeting the accountants in search for new clients and jobs. In their search for the new client, they’re more likely to open emails, documents, and links sent by unknown contacts, thus allowing the hacker to steal their data as well. In this case, a similar text document is attached to the email, and once downloaded by the victim, it installs the Omaneat info-stealing malware that monitors applications, tracks web browsing history and spies on everything done on the machine. This method puts to risk not only the accountants but also their clients and their data.
There are more online schemes used by these hackers to steal from you, but care and awareness can save you from becoming their victim. Be careful when opening suspicious emails, and never give your bank account details via the internet, because the real tax collectors will never ask you for them. If someone does ask, they’re a cybercriminal.