Electronic Federal Tax Payment System Spam Used to Spread Cridex Malware

Bogus EFTPS emails try to trick payment processors into visiting a malicious website

By on January 16th, 2013 22:01 GMT

Users are advised to beware of emails apparently coming from the US Department of Treasury’s Electronic Federal Tax Payment System (EFTPS).

According to experts from GFI Labs, bogus emails entitled “Payroll declined” have been seen landing in inboxes over the past period.

They inform recipients of the following: “This note was sent to inform you that your batch payment was Declined. [date] Transaction details is accessible by sign in the Batch Provider using this link.”

The links in the email don’t point to the EFTPS site, but to a malicious website that’s designed to push the Cridex malware.

Experts believe that cybercriminals are using the EFTPS’s name because such emails will likely attract the attention of payroll processors.

On the other hand, if they manage to infect the device of an individual that handles payrolls, the cybercriminals can gain access to a large amount of sensitive information that they could use to commit fraud.

Comments