MX Lab experts have analyzed this malicious campaign

Mar 7, 2013 21:41 GMT

MX Lab is warning internauts about malicious emails purporting to come from the US Electronic Federal Tax Payment System (EFTPS).

Entitled “EFTPS: Company Tax Payment Batch Has Been Rejected,” the emails inform recipients that their payments have been rejected. Users are instructed to download an attached PDF file.

In reality, the PDF file is an executable which hides a variant of the Wauchos Trojan that’s currently detected only by a handful of antivirus solutions.

Here’s what the emails look like, so you’ll know what to look out for:

“Your Federal Tax Payment ID: 6558836841 has been rejected.

Return Reason Code R225 – The identification number used in the Company Identification Field is not valid. Please, check the information and refer to Code R966 to get details about your company payment in transaction contacts section:

EFTPS_report_1334022012.pdf (Adobe PDF)

In other way forward information to your accountant adviser. EFTPS: The Electronic Federal Tax Payment

PLEASE NOTE: Your tax payment is due regardless of EFTPS online availability. In case of an emergency, you can always make your tax payment by calling the EFTPS.”
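An attachment that presents itself as a PDF but is really an executable, as in this campaign, can be caught by comparing the claimed type with the file's leading bytes. The Python below is an added example, not code from MX Lab: the function names are hypothetical, and the sample message, addresses and payload bytes are constructed (only the subject line and attachment name come from the email quoted above).

```python
import email
from email import policy
from email.message import EmailMessage

def sniff(data: bytes) -> str:
    """Classify content by its leading bytes rather than by its name."""
    if data.startswith(b"MZ"):          # DOS/PE header of Windows executables
        return "windows-executable"
    if data.startswith(b"PK\x03\x04"):  # ZIP container
        return "zip"
    if b"%PDF-" in data[:1024]:         # readers accept the header near the start
        return "pdf"
    return "unknown"

def claims_pdf(part) -> bool:
    """True when the part presents itself as a PDF by file name or MIME type."""
    name = (part.get_filename() or "").lower()
    # ".pdf" anywhere in the name also covers double extensions (x.pdf.exe)
    return ".pdf" in name or part.get_content_type() == "application/pdf"

def suspicious_attachments(raw: bytes) -> list:
    """Return (filename, sniffed_type) for attachments that claim PDF but are not."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        kind = sniff(data)
        if claims_pdf(part) and kind != "pdf":
            findings.append((part.get_filename(), kind))
    return findings

def build_sample(payload: bytes, filename: str) -> bytes:
    """Constructed message; addresses and payload are placeholders."""
    msg = EmailMessage()
    msg["Subject"] = "EFTPS: Company Tax Payment Batch Has Been Rejected"
    msg["From"] = "sender@example.invalid"
    msg["To"] = "user@example.invalid"
    msg.set_content("Your Federal Tax Payment ID has been rejected.")
    msg.add_attachment(payload, maintype="application", subtype="pdf",
                       filename=filename)
    return msg.as_bytes()

if __name__ == "__main__":
    # Harmless constructed payload: an "MZ" marker followed by zero bytes.
    raw = build_sample(b"MZ" + b"\x00" * 64, "EFTPS_report_1334022012.pdf")
    for name, kind in suspicious_attachments(raw):
        print(f"flag: {name} claims PDF but content looks like {kind}")
```

A check like this does not depend on antivirus signatures, which matters when a sample is detected by only a handful of products.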