Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
Latest Comments
"Concerned man's comments seem to intimate that if I'm using agents all will be well but the ..."
on Shavlik Technologies to broaden its patch management offerings
by Werner K | Nov 26, 2008 8:36 PM
 
"That will enhance Microsoft Office system, including SharePoint - good platform for enterprise ..."
on Companies have security to consider with in-the-cloud Office
by SGE | Nov 25, 2008 3:29 PM
 
"how many users allow per session? because the digital persona password manager allows only 10 ..."
on DigitalPersona Pro Workstation/Pro Server
by Daniel | Nov 25, 2008 12:14 AM
 
"security through obscurity...shows how detached HIPAA is from reality."
on Privacy breaches causing business instability
by priceOfFishInChina | Nov 20, 2008 1:19 PM
 
"I have been the recipient of Agent.JEN.Trojan through an email suggesting a UPS parcel (including..."
on Trojan disguised as UPS delivery note
by Vincent Laing | Nov 13, 2008 4:01 PM
Email Security

IRS spear phishing scam targets corporate executives

  • Email a Friend
  • Print Page
IRS spear phishing scam targets corporate executives
Related Articles
By Frank Washkuch
Jun 4, 2007 9:50 AM
Tags: IRS | spear | phishing | scam | targets | corporate | executives
The scam emails, some of which purport to make these targeted executives aware of an investigation, download a trojan that seeks victims’ passwords and uploads them to remote servers.

The emails tell recipients that their "original (Microsoft Word) document was not fully loaded," and ask them to "please double-click to reload msword.exe."

While phishing schemes using the IRS as a lure are nothing new, this scam is noteworthy because it specifically targets corporate executives, said Ken Dunham, senior engineer and director of the Rapid Response Team at VeriSign iDefense.

"Attacks targeting executives are increasingly common. Executives should be on the alert for potentially hostile RTF and DOC files delivered over email, containing potentially hostile embedded files such as EXE and PDF," he said.

"This latest attack is not highly prevalent on a global scale, but represents a clear and present emerging threat against corporate executives."

The IRS on Thursday warned taxpayers of a bogus email claiming the recipient is under investigation for a false tax return sent to the California Franchise Tax Board. Other versions have claimed that a complaint has been filed against the recipient’s company and that the IRS can act as an arbitrator, according to an agency advisory.

The agency advised that it does not send out unsolicited emails or ask for personal or financial information.

"Everyone should beware of these scam artists," said Kevin Brown, acting IRS commissioner, in a Thursday news release. "Always exercise caution when you receive unsolicited emails or emails from senders you don’t know."

Earlier this week, researchers warned of a similar spear phishing email that claims to be from the Better Business Bureau.

The emails entice users into downloading keyloggers that can be used to collect personal or financial information, researchers said.

 
Ads by Google
Thoughts on this article? Add a comment below.
Be the first to comment on this article.

Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Tripwire - Click here to win an iTouch
 
 
Messaging Whitepapers
 
Popular Tags
000 basics boarding corporate data fake goes hackers identity linkedin malware phishers phishing profiles registrars responsible scam spear targeted virus