Microsoft Warns Accounting Firms Of Targeted Attacks As Tax Day Approaches
Accountants are being urged to be on the lookout for dangerous hackers ahead of US Tax Day, as cybercriminals take advantage of the hurry to prepare tax returns for clients.
Individuals in the United States are required by law to file their tax returns by Tax Day, which this year is Tuesday, April 18.
ALSO, READ CISA Warns of Multiple Critical Vulnerabilities Affecting Mitsubishi Electric PLCs
Accounting firms and bookkeepers will inevitably be swamped with client paperwork during this time. Also, cybercriminals have been active, Microsoft says, spreading malware in anticipation of the impending deadline.
As security experts at Microsoft warn, accounting and tax return preparation firms have been targeted in a malware campaign that disguises itself as an email from a client.
ALSO, READ Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware
Microsoft Warns Accounting Firms Of Targeted Attacks As Tax Day Approaches
Part of the email reads:
I apologize for not responding sooner; our individual tax return should be simple and not require much of your time. I believe you would require a copy of our most recent year’s documents, such as W-2s, 1099s, mortgages, interest, donations, medical investments, HSAs, and so on which I have uploaded below.
The email continues to share a link where it claims a password-protected PDF can be downloaded containing confidential documentation.
However, if the ZIP archive is downloaded and opened, it triggers the download of additional malicious content, which installs a copy of the Remcos Remote Access Trojan (RAT), thereby creating a backdoor through which a hacker could potentially compromise the target’s computer and network.
ALSO, READ Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques
An attacker could steal data and spread themselves laterally across a network after successfully delivering Remcos to a victim’s PC.
Microsoft Warns Accounting Firms Of Targeted Attacks As Tax Day Approaches
If a ransom is not paid, the stolen information may be used by the criminals to further penetrate the targeted organization, launch an assault against the company’s business partners, or simply be sold on the dark web.
It makes sense for all organisations, not just those involved in preparing tax returns for clients, to take great care when handling email attachments and links, especially when delivered alongside unsolicited emails.
Companies should protect themselves with a layered defence, keep their systems patched against vulnerabilities, and follow safe computing practices to reduce the chances of becoming the victim of an attack.
Be First to Comment