Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
 
Latest Comments
"I too have been a labor voter for many years and will not be voting for them again. The ..."
on Net filter legislation to go public by March
by maxt | Feb 9, 2010 7:56 PM
 
"I’ve just had a user receive a rehashed version of this with an attached html file containing a ..."
on ATO struck by new phishing scam
by Owen Lutz | Feb 9, 2010 6:01 PM
 
"hi"
on Chinese hacker school shut down
by manish kumar | Feb 9, 2010 4:27 PM
 
"Hey 'hey con-roy' ... from Google Australia's head of policy Iarla Flynn"We don't believe that ..."
on Conroy meets with Google for YouTube filtering
by Keep it real | Feb 9, 2010 3:33 PM
 
"@penno Off-site storage is a good solution unless you have some decent backup software to ..."
on Opinion: My holiday tip - backup your data now
by Charmgene | Feb 9, 2010 2:36 PM
Email Security

IRS spear phishing scam targets corporate executives

  • Email a Friend
  • Print Page
IRS spear phishing scam targets corporate executives
Related Articles
By Frank Washkuch
Jun 4, 2007 9:50 AM
Tags: IRS | spear | phishing | scam | targets | corporate | executives
The IRS and malware researchers warned this week of spear phishing scams specifically targeting corporate executives.
The scam emails, some of which purport to make these targeted executives aware of an investigation, download a trojan that seeks victims’ passwords and uploads them to remote servers.

The emails tell recipients that their "original (Microsoft Word) document was not fully loaded," and ask them to "please double-click to reload msword.exe."

While phishing schemes using the IRS as a lure are nothing new, this scam is noteworthy because it specifically targets corporate executives, said Ken Dunham, senior engineer and director of the Rapid Response Team at VeriSign iDefense.

"Attacks targeting executives are increasingly common. Executives should be on the alert for potentially hostile RTF and DOC files delivered over email, containing potentially hostile embedded files such as EXE and PDF," he said.

"This latest attack is not highly prevalent on a global scale, but represents a clear and present emerging threat against corporate executives."

The IRS on Thursday warned taxpayers of a bogus email claiming the recipient is under investigation for a false tax return sent to the California Franchise Tax Board. Other versions have claimed that a complaint has been filed against the recipient’s company and that the IRS can act as an arbitrator, according to an agency advisory.

The agency advised that it does not send out unsolicited emails or ask for personal or financial information.

"Everyone should beware of these scam artists," said Kevin Brown, acting IRS commissioner, in a Thursday news release. "Always exercise caution when you receive unsolicited emails or emails from senders you don’t know."

Earlier this week, researchers warned of a similar spear phishing email that claims to be from the Better Business Bureau.

The emails entice users into downloading keyloggers that can be used to collect personal or financial information, researchers said.

 
Ads by Google
Thoughts on this article? Add a comment below.
Be the first to comment on this article.

Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
 
Messaging Whitepapers
 
Popular Tags
419 attack attacks bill block bomber email facebook fraud gates malware mcafee network phishing scam security smartphone social spam websense