Posted on 9/29/2009, 5:29:31 PM by ShadowAce
IDG News Service -
Criminals are waging a nasty online campaign right now, hoping that their victims' fears of the tax collecter will lead them to inadvertently install malicious software.
The spam campaign, entering its third week now, is showing no signs of slowing down, according to Gary Warner, director of research in computer forensics with the University of Alabama at Birmingham. This one campaign accounts for about 10 percent of the spam e-mail that his group is presently tracking, he said. "This is the most prominent spam-delivered virus in the world right now," he said.
Since first spotting the spam on Sept. 9, antispam vendor Cloudmark has counted 11 million messages sent to the company's nearly 2 million desktop customers, said Jamie Tomasello, abuse operations manager with Cloudmark. That number is "very high," she noted.
The messages typically have a subject line that reads, "Notice of Underreported Income," and they encourage victims to either install the Trojan attachment or click on a Web link in order to view their "tax statement." In fact, that link takes the victim to a malicious Web site.
The IRS says not to open attachments or click on links included in e-mail that claims to come from the tax-collection agency.
What makes this campaign particularly ugly is that the malware that accompanies the fake IRS messages is a variant of the hard-to-detect Zeus Trojan. This software hacks into bank accounts and drains them of money as part of a widespread financial fraud scheme. Researchers estimate that the Zeus criminals are emptying more than a million dollars per day out of victims' bank accounts with the software. Small businesses have been particularly hard-hit by this fraud, because banks have sometimes held them accountable for the losses.
(Excerpt) Read more at computerworld.com ...
My business e-mail address has been getting flooded with this. Sender’s address is allegedly noreply@irs.gov (but anyone can spoof a sender’s address). Subject line is always “Notice of Underreported Income”, however the ax ID number is something randomly generated. The first instance was immediately forwarded to phishing@irs.gov.
The IRS will never use e-mail medium for such correspondence. It will always be via US Postal Service.
Exactly. I hope more people know this as well.
ping
The IRS says not to open attachments or click on links included in e-mail that claims to come from the tax-collection agency.
Ping
The crooked IRS does not know my e-mail; therefore, I knew there were other crooks behind this.
I threw their address into my e-mail mulch bin never to arrive to my e-mail address again.
P.S.
Thank you for information. I was wondering what other crooks were behind this scam.
I'd be willing to bet that the first 5000 people lured in to this will be people who voted for 0bama. Suckers and morons, every one of them.
Why would I want to open email from the IRS? I don’t even like opening snail mail from them.
Interesting, and how dumb that anyone would even open it.
ping
Why would I want to open email from the IRS?...etc...
= = = = = = = = = = = = = = = = = = = =
Persactly....that would be like opening an email from the “Nigerian Govt” with the subj matter “help us catch email scammers”.....
Also, anything with Love, Darling, My Dear etc etc goes straight to the zap file.....
The socialist government thieves hate competition.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.