1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Microsoft warns accountants of new phishing campaign amid tax per

    From TechnologyDaily@1337:1/100 to All on Fri Apr 14 12:45:04 2023
    Microsoft warns accountants of new phishing campaign amid tax period

    Date:
    Fri, 14 Apr 2023 11:30:42 +0000

    Description:
    Hackers are targeting financial service provider firms with the Remcos malware.

    FULL STORY ======================================================================

    Microsoft is sounding the alarm over a new phishing campaign targeting accounting firms, tax preparers, financial services providers, and similar organizations in the United States. The campaign is currently at its zenith, given that the annual tax season in the country is reaching its end.

    That means that financial service providers and similar firms are rushing to meet the deadline and file annual tax returns for their clients. As a result, they might be reckless and/or overworked, making them an ideal target for hackers.

    The phishing campaign, Microsoft says, can have different goals. Some threat actors might use these emails to distribute infostealing malware , as financial service providers often hold plenty of sensitive client data which can be used in extortion attacks. Delivering Remcos

    Alternatively, they can always sell the data on the dark web for other threat actors to make use of. In other scenarios, they can use this access to
    deliver stage-two malware, run ransomware campaigns, and similar.

    Microsoft observed some threat actors using phishing techniques to deliver Remcos, a known remote access trojan. Read more

    What is phishing and how dangerous is it?


    Everything you need to know about phishing


    Here's our list of the best endpoint protection services around

    "With U.S. Tax Day approaching, Microsoft has observed phishing attacks targeting accounting and tax return preparation firms to deliver the Remcos remote access trojan.

    The emails are nothing extraordinary - the attackers claim to be a client of the victim, sharing the documents needed to file a tax return. They share the documents via a link to a filesharing service provider, thus bypassing any email security tools the victims might have installed on their endpoints.

    If the victim ends up downloading the files, theyll find a couple of bogus
    PDF files and Windows shortcut files that, if run, ultimately deliver Remcos.

    The best way to protect against phishing is to be vigilant when receiving any attachments or links in emails, especially when theyre not expected. Also, having an antivirus solution, a firewall, and multi-factor authentication, will help. Check out the best identity theft protection tools right now

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/microsoft-warns-accountants-of-new-phishing-cam paign-amid-tax-period


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)