It’s tax season again and that means spammers will be pumping out malicious phishing emails in hopes of catching recipients off-guard.
Sophos has already intercepted one of the tax-related spam emails going around, and is warning users not to open the files attached to it:
Subject: FW: 2010 and 2011 Tax Documents; Accountant’s Letter
I forward this file to you for review. Please open and view it.
Attached are Individual Income Tax Returns and W-2s for 2010 and 2011, plus an accountant’s letter.
This email message may include single or multiple file attachments of varying types.
It has been MIME encoded for Internet e-mail transmission.
The name of the zip archive attached to the email will vary from email-to-email as it is named after the recipient (i.e. the file will be named “sally.zip” if your email is email@example.com). However, each archive contains the a dangerous executable, “Individual Income Tax Returns.exe” that Sophos identifies as Troj/Agent-ZWM, a backdoor Trojan that will grant an attacker remote control of your system.
What to Do If You Receive This Spam Email
If this email happens to drop in your inbox, it is recommended that you:
- Avoid downloading or opening the attached file.
- Report the email to SpamCop.
- Delete the email immediately.