CERT mailing list archives
Current Activity - US Tax Season Phishing Scams and Malware Campaigns
From: Current Activity <us-cert () us-cert gov>
Date: Fri, 26 Mar 2010 10:59:18 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 US-CERT Current Activity US Tax Season Phishing Scams and Malware Campaigns Original release date: March 26, 2010 at 10:21 am Last revised: March 26, 2010 at 10:21 am In the past, US-CERT has received reports of an increased number of phishing scams and malware campaigns that take advantage of the United States tax season. Due to the upcoming tax deadline, US-CERT reminds users to remain cautious when receiving unsolicited email that could be part of a potential phishing scam or malware campaign. These phishing scams and malware campaigns may include the following: information that refers to a tax refund, warnings about unreported or under-reported income, offers to assist in filing for a refund, or details about fake e-file websites. These messages, which appear to be from the IRS, may ask users to submit personal information via email or may instruct the user to follow a link to a website that requests personal information or contains malicious code. At this time, US-CERT is aware of public reports indicating that there is active circulation of a tax season malware campaign. This malware campaign may be using malicious code commonly known as Zeus or Zbot. US-CERT encourages users and administrators to take the following measures to protect themselves from these types of phishing scams and malware campaigns: * Do not follow unsolicited web links in email messages. * Maintain up-to-date antivirus software. * Refer to the IRS website related to phishing, email, and bogus website scams for scam samples and reporting information. * Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams. * Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks. Relevant Url(s): <http://www.us-cert.gov/cas/tips/ST04-014.html> <http://www.us-cert.gov/reading_room/emailscams_0905.pdf> <http://www.irs.gov/privacy/article/0,,id=179820,00.html?portlet=5> ==== This entry is available at http://www.us-cert.gov/current/index.html#us_tax_season_phishing_scams -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBS6zLsj6pPKYJORa3AQJaUAgAgD/YtWcrOJ8KsfmstDihc1vwyyjPLJcX 9AuRCqW4CO1TVox3IkjkeVcy6dYdn6BLE2HHgqhpaRaoshNS8GEPgArXHsG/Gp7r wmd4Vpr84fCcpfCmFyMnTM5H2F6NCCOrGmzWhM278vy4dWc7gD9KQlxgJnVrJdnV gyAb1xCc6V70W5VsqFVpZx2a5Suw1Uo+ZJCxI6izlnXif5LS09xl08HRQv4xUCs9 i8pdNfdXt1AxhnGQxEwIFxfycbxeeTYRCVDVcdMmfWuiF+pZ0OE9iEHK2QGN54kC kVvk2x+DsY1P+w8o4rpeagit6BQQUn/k+mDjunFT00w1aXRQZYkddA== =7+ln -----END PGP SIGNATURE-----
Current thread:
- Current Activity - US Tax Season Phishing Scams and Malware Campaigns Current Activity (Mar 26)