Fake US Tax Court Email Drops Keyloggers

A new spear phishing scam is currently in progress as lots of companies have received fake emails apparently sent by the US Tax Court that ask recipients to click on a link included in the message body. Security company McAfee has also received an email of this kind. According to Kevin McGhee, such attacks are usually well-informed because they contain the name of the companies as well as other details which could trick readers into clicking the link. Such attacks usually target company executives, the McAfee official explained.

"The scammers do their homework when it comes to spear phishing. Instead of pumping out millions of emails to anybody and everybody, spear phishers send out their scams only to people they know will be susceptible to the scam. In this case a top executive-rather than the average employee-is much more likely to be involved in a court case of this nature," Kevin McGhee said.

Obviously, clicking on the attached link is not quite a good idea because visiting the malicious website may drop files such as keyloggers and malware. The United States Tax Court has already been informed about the scam and published an advisory on its official website advising users to avoid clicking on the link included in the email. However, you can also update the anti-virus solutions to the latest virus definitions and keep the other security technologies enabled in order to be sure that no threat reaches your computer.

"The United States Tax Court has received many telephone calls regarding an e-mail which purports to originate from the Court being sent by a member of the Tax Court's practitioner bar. This message is an example of "Spear Phishing", which is an e-mail spoofing attempt that targets a specific organization," the US Tax Court wrote in the notification. "Do not click any link within the email message," it continued.