Security experts are warning of a flood of spam emails masquerading as US tax documents in an attempt to spread the ZeuS malware.
Sans researcher Kevin Liston reported that the organisation had received several reports of unsolicited email claiming to come from the US Internal Revenue Service (IRS).
The emails claim that the recipient has 'under-reported income' on their tax statements, and urges them to download and run a linked file. The file is an executable which infects the user with the ZeuS malware.
The technique is not new. Citizens in the US and the UK were targeted by social engineering malware attacks last year purporting to be documents from tax authorities.
The IRS does not send official notifications via email, and advises people to avoid any messages claiming to be from the agency.
The ZeuS malware allows an attacker to locally edit HTML files on the victim's system to turn benign web pages into phishing sites and harvest credentials without the victim's knowledge.
Spaces are filling up fast
HP ZBook x2 offers 32GB RAM, M.2 SSD with up to 2TB storage and Nvidia Quadro GPU
Laptops should be able to offer true all-day working, and some
CGN has created an "online capability gap" between cyber criminals and law enforcement, says Europol
ISPs use Carrier Grade NAT to share IP addresses amongst multiple users