RSS Alerts

Share

More services

Related Links

Related Stories

  • Financial institutions battered by phishing attacks
    Financial institutions are subjected to an average of 16 phishing attacks per week, costing them between $2.4 and $9.4 million in losses each year.
  • Spearphishing emails target customers of ill-equipped banks.
    The FBI has slammed poor security in financial institutions, after identifying a drastic rise in money being stolen from small to medium-sized businesses via spearphishing emails, it said in an intelligence note early this week.
  • FBI director almost fell for phishing attack
    The director of the FBI and the man charged with protecting the US from cyberthreats, Rober Mueller, has given up online banking after a phishing scare.
  • US phishing attacks decline in third quarter
    The third quarter security trends report from Commtouch and its security alliance partners suggests that phishing is now on the decline, after peaking in the summer.
  • Data Breach Spring
    Infosecurity’s Drew Amorosi examines three data breach incidents from the past few months that, by their nature, keep security vendors in business, regulators busy, and CISOs up at night. Find out why industry observers think this rash of massive breaches could lead to a ‘PCI for consumer privacy’

Top 5 Stories

News

IRS phishing scam targets corporate email

08 February 2010

Security firm eSoft is warning clients about an IRS phishing con that is specifically targeting businesses and corporate email accounts.

eSoft CTO Patrick Walsh sent up a warning flare regarding tax time phishing attempts claiming to be from the IRS, as noted in his Infosecurity blog post today. The emails are a variation of the usual IRS phishing expeditions that typically target end users during tax time, but this campaign aims to infect organizational machines through corporate rather than personal email.

According to Walsh, opening the attached document begins the process of infecting the user’s machine with a monitoring trojan that will “report back to the attacker and download malicious payloads”. Walsh warns that although the attachment appears to be a Word document – luring unsuspecting readers into opening the doc – it is actually an RTF file that contains a hidden executable.

Walsh preaches caution when dealing with so-called reminders or warnings purporting to be from the IRS. “The IRS will never email you if they need to contact you”, he said. “Any emails coming from them are likely malicious scams.”
 

This article is featured in:
Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012