Tax Season Headaches and Malware Campaigns
Cybercriminals Aim to Spoof Accounting & Payroll Firms This Tax Season
Cristal M Clark
This should not come as a total surprise to anyone, cybercriminals are aiming high this tax season by going after some pretty major accounting and payroll firms along with your hard-earned cash or tax return.
The deadline for filing taxes in the US is April 15 but as luck would have it, tax season just so happens to start for some well before that and well beyond that despised date here in the US. For many businesses, they actually prepare employee tax information i.e. 1099’s and W-2’s back in January of each year. Which in turn gives cybercriminals a wee jump start on launching campaigns in the hopes of robbing individuals and businesses in their tax fraud, financial fraud and identity theft schemes.
Not all that uncommon of a practice for cybercriminals, this year they just decided to go after accounting and payroll firms, thus branching out from businesses and individual tax payers. IBM X-Force researchers found 3 campaigns were attempting to deceive recipients into believing they were emailed by large accounting, tax and/or payroll services firm which carried malicious Microsoft Excel attachments with a payload familiar to us as one of the most common and effective banking Trojans: TrickBot.
TrickBot for those who unfamiliar, is financial malware that silently infects devices for the primary purpose of stealing valuable data such as banking credentials, then follows up with wire fraud from the device owner’s account. Should your computer become infected with TrickBot, the cybercriminals operating it would then have complete control and could do virtually anything that they wish on your device, including spreading to other computers on your network and emptying your company’s bank accounts, potentially costing millions of dollars to an employer and to any firms that they are working with.
Cybercriminals are becoming more and more brazen in their efforts to rob just about anyone and everyone that they can and legally, catching them is more difficult as each year passes because these guys learn from the mistakes of others and often times step up efforts to mask who and where they are operating from.
From an end user perspective, it’s often difficult to tell what’s real and what is not in terms of what emails are coming through, I usually advise everyone to not click on things from anyone you do not know and even if what might be sitting in your email appears to be from a known sender, if they do not email you or send links, invoices, etc, don’t click on it and report the suspicious email to the known senders company, keep your security software up to date, and report anything suspicious, ask questions, look it up online the point is, educate yourself.
Gone are the days that we can rely on the news or the government to keep us informed about every malware campaign coming at us simply because of the sheer volume of them.
Stay vigilant my friends.
Cristal M Clark