1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Emotet malware impersonates IRS as 2022 tax season approaches

    From TechnologyDaily@1337:1/100 to All on Thu Mar 17 16:15:03 2022
    Emotet malware impersonates IRS as 2022 tax season approaches

    Date:
    Thu, 17 Mar 2022 15:53:38 +0000

    Description:
    Weaponized Word and Excel files are potentially distributing ransomware
    linked to 2022 tax season.

    FULL STORY ======================================================================

    As the 2022 tax season nears, numerous active phishing campaigns have been discovered impersonating the IRS to steal peoples sensitive data, and potentially - money.

    One such campaign was just recently spotted by cybersecurity researchers from Cofense, which found threat actors pretending to be the Internal Revenue Service (IRS), sending out emails with tax forms and federal returns.

    In most cases, the emails carry false 2021 Tax Return forms, W-9 forms, or other tax documents that are commonly being distributed this time of the
    year. These documents, either Word files, or Excel files, carry malicious macros, and if triggered, will download the Emotet malware . TechRadar needs you!

    We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a 100 Amazon gift card (or equivalent in USD). Thank you for taking part.

    Click here to start the survey in a new window << Spreading ransomware

    Emotet has multiple functions, with two most basic ones being - to spread to more machines via email; and to deliver stage-two malware. Cofense says that these days, Emotet is mostly used to deliver Cobalt Strike, ransomware payloads, or SystemBC remote access Trojan. When it infects a machine, it
    will try to weasel its way into the inbox, and use existing email threads to re-distribute itself without raising suspicion.

    Of these threats, ransomware seems to be the most obvious one, given that Emotet is being developed by the Conti Ransomware group. Read more

    Conti ransomware group has internal chats leaked after siding with Russia


    Conti ransomware source code leaked by Ukrainian researcher


    Shutterfly hit by Conti ransomware attack

    The best way to protect against these attacks is to be vigilant when opening emails or downloading attachments. The IRS never sends unsolicited emails,
    and will only correspond through the postal service.

    When receiving emails with attachments, or links, it is important to double-check the senders name and address, because thats often the first
    place where a red flag can be noticed. Also, typos, poor English, and a mismatch in visual identity , can also be clues to a potential phishing attack. And finally, hovering over a hyperlinked keyword in an email gives away its actual address. Check out the best firewalls right now

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/emotet-malware-impersonates-irs-as-2022-tax-sea son-approaches/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)