IRS Tax Forms Pose Malware Threat, Experts Warn

IRS Tax Forms Pose Malware Threat, Experts Warn

아리 데니알
Published by: 아리 데니알 on 3월 28, 2024

According to cybersecurity experts at Palo Alto Networks and Malwarebytes, hackers often impersonate the IRS in their efforts, and they have recently uncovered two distinct phishing campaigns using varied methods.

A phishing campaign discovered by cybersecurity researchers reveals that hackers are sending fake W-9 tax forms through email, impersonating the IRS. However, the form is a disguised Emotet malware, capable of stealing sensitive information from infected endpoints and propagating itself. The Emotet malware can also serve as a dropper, enabling attackers to distribute various other types of malware, such as ransomware.

Following Microsoft’s decision to block macros in downloaded Office documents by default, Emotet adopted a new strategy, utilizing Microsoft OneNote files containing embedded scripts to install the malware.

When initiating the embedded VBScript file, Microsoft OneNote will alert the user of the possible malicious nature of the file. However, it has been observed that many users tend to disregard these warnings and proceed to run the files, as evidenced by past experiences. Upon execution, the VBScript downloads the Emotet DLL and triggers its operation via regsvr32.exe.

If you receive an email requesting W-9 or other tax forms, it is recommended that you scan the documents first with your local antivirus software. However, as these forms contain sensitive information, it is not advisable to upload them to cloud-based scanning services like VirusTotal.

Typically, tax forms are disseminated in the form of PDF documents rather than Word attachments. Therefore, if you receive a tax form as a Word attachment, it is advisable to refrain from opening it and enabling macros.

It is highly unlikely for tax forms to be distributed as OneNote documents, so it is recommended that you delete the email immediately and avoid opening it if you receive one.

이 기사가 마음에 드셨나요? 평가해 주세요!
정말 싫습니다 별로 좋아하지 않습니다 괜찮습니다 꽤 좋습니다! 정말 좋습니다!
5.00 1명의 사용자가 투표
제목
코멘트
피드백을 주셔서 감사합니다