14 DAY TRIAL // Security researchers from Websense warn of several new phishing campaigns that instruct recipients to open rogue html files attached to the fake emails.
Some of them are taking advantage of the UK and US tax seasons and spoof the taxation authorities in those countries.
A wave of emails purporting to come from the HM Revenue & Customs (HMRC) masquerade as tax refund alerts.
They feature a picture of famous British newsreader Moira Stuart who stared in HMRC tax ads back in 2008.
The emails are similar to the common tax return phishing scams, but instead of directing recipients to a malicious page, they instruct them to open the attached HTML form.
"I am sending this email to announce: After the last annual calculation of your fiscal activity we have determined that you are eligible to receive a tax refund of [sum] GBP.
"You have attached the tax return form with the TAX REFUND NUMBER ID: [number], complete the tax return form attached to this message," the fake notifications read.
A separate tax refund phishing campaign spoofs the IRS and informs recipients that they are eligible to receive stimulus payments. These fake IRS emails also carry a form and instruct people to open it in a JavaScript-enabled browser.
Other recent phishing attacks target the customers of serveral banks and have rogue html documents attached to them.
One such message, allegedly from Alliance Leicester, warns recipients of irregular activity on their Internet banking account and asks them to open a file called login1.htm.
Another recently circulated email asks Lloyds TSB Bank customers to verify a payment by opening the attached "Payment Receipt.html" document.
People are advised to ignore emails carrying html files as attachement or to input information into offline forms. Requests from banks or other financial organizations should always be confirmed over the phone before taking any action.