A malware campaign has been spammed out widely, seemingly taking advantage of an important date in the US tax system’s calendar.
January 31st is the deadline for US employers to deliver the W-2 form to all of their workers, used to help calculate the total wages earned by an individual during the course of the year.
So, how might you respond if you received an email like this today?
Subject: FW: 2010 and 2011 Tax Documents; Accountant's Letter
I forward this file to you for review. Please open and view it.
Attached are Individual Income Tax Returns and W-2s for 2010 and 2011, plus an accountant's letter.
This email message may include single or multiple file attachments of varying types.
It has been MIME encoded for Internet e-mail transmission.
Attached to it is a ZIP file, whose filename will vary depending on the recipient. For instance, if the email is sent to firstname.lastname@example.org, the zip file will be called chris.zip.
Inside the ZIP file, is an executable file: “Individual Income Tax Returns.exe”
Sophos products detect this file as the Troj/Agent-ZWM backdoor Trojan horse, designed to infected your Windows computer and allow remote hackers to commandeer it for their own purposes.
If you thought fines for submitting a late tax return were bad enough, imagine how much worse things could be if a malicious hacker is trawling through your private documents, stealing your passwords, and accessing your online accounts without your knowledge.
Always be suspicious of unsolicited email attachments, and think before you click.Follow @gcluley
Tax return stamp image from Shutterstock.