NEWS CATEGORIES:

NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>

Find us on Google+

Home > News > Security > Spam Reports

September 10th, 2009, 14:29 GMT · By Lucian Constantin

New IRS-Themed Scam in Circulation

Adjust text size:

Security researchers warn that fake email messages purporting to be from the IRS are attempting to get receivers infected by directing them to a malicious website. This malware distribution campaign has been tracked back to the Cutwail spam botnet.

This new scam has been reported by email and Web protection company MX Logic, which is currently in the process of being acquired by security giant McAfee. "Over the past 3 hours we have been watching approximately 90,000 of these messages hitting our systems per hour," the company's spam analysts warn.

The emails attempt to scare users into visiting a malicious link by falsely informing them that they misreported their income to the IRS. "Issue: Unreported/Underreported Income (Fraud Application). Please review your tax statement on Internal Revenue Service (IRS) website (click on the link below)," the messages, claiming to originate from no-reply@irs.gov, read.

Clicking on the URL opens a Web page bearing the IRS logo, which contains another link to a file called tax_statement.exe. Downloading and opening the executable will install malware on the computer. Cutwail, also known as Pushdo, is currently one of the largest spam-sending botnets in the world, being responsible for a big percentage of the daily junk mail traffic.

The botnet was crippled back in June when the Federal Trade Commission obtained a court order that led to the shutdown of the Triple Fiber Network (3FN) rogue ISP, harboring many of its command and control servers. However, this particular army of zombie computers has since regained traction and is now amongst the big players again.

IRS is probably the most spoofed governmental agency in illegal scams such as phishing, malware distribution or Nigerian 419 letters. However, tax administration government bodies in other countries have been targeted as well. Back in January, we reported a similar scheme spoofed Canada's Revenue Agency (CRA), in June, the Australian Tax Office (ATO) was targeted, while during July it was Her Majesty's Revenue & Customs turn.

FILED UNDER:

TELL US WHAT YOU THINK:

2,729 hits · 1 comment · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:

Tax Refund Scam Targets British Taxpayers

Australian Taxpayers Targeted by Phishers

IRS Does Not Properly Dispose of Taxpayer Records

Phishing Attack Targets the Canada Revenue Agency

The IRS Network Is Vulnerable

READER COMMENTS:

Comment #1 by: AngelP on 12 Sep 2009, 06:13 UTC

reply to this comment

Let us all be aware. I mean more than just the very existence of the IRS that particular IRS scam is an egregious one all that said, I mean the IRS email scam. People get an email from the IRS, with a notice of unreported income. There is no way this would happen. For one, the IRS doesn't email, and for two, if there was an unclaimed portion of your return they'd just send you a check. It asks for your credit card number. Don't buy into the IRS scam (the email one – not just the very existence of the agency) or you'll need online cash loans to undo the damage.

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| UPDATE YOUR SOFTWARE \| ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use