Accountants are being warned to be vigilant against malicious hackers as cybercriminals rush to exploit them to prepare tax returns for their clients before the U.S. Tax Day deadline.
US Tax Day is the day on Tuesday, April 18 this year, when individuals must file their income tax returns with the government.
It’s an inevitably busy time for accountants and bookkeepers who feverishly gather the necessary paperwork from clients. And, according to a Microsoft’s warningCybercriminals are also busy. They are taking advantage of an impending deadline to spread malware.
As Microsoft’s security experts warned, the accounting and tax return preparation company has been targeted by malware campaigns masquerading as customers’ emails.
Part of the email is:
I apologize for not responding sooner. Personal tax returns should be simple and should not take a lot of time. You will need copies of the most recent year documents such as W-2s, 1099s, Mortgages, Interest, Contributions, Medical Investments, HSAs, etc. uploaded below.
Emails continue to share links claiming to download password-protected PDFs containing confidential documents.
However, downloading the ZIP archive in the link and accessing its content will initiate additional malicious content downloads, which in turn will install copies of the Remcos remote access trojan (RAT) that malicious hackers can potentially open backdoors for. Gain access to the target’s computer and network.
If Remcos is successfully delivered to a victim’s PC, the attacker can seize control of the computer, steal data and move laterally throughout the organization’s network.
Stolen data can later be used by criminals to gain further access to an organization or to attack a company’s partners. If a ransom is not paid, it may simply be sold on the dark web.
It makes sense for all organizations, not just those involved in preparing tax returns for their clients, to exercise great care when handling email attachments and links, especially when they are delivered along with unsolicited emails.
Businesses need to protect themselves with layered defenses, patch systems for vulnerabilities, and follow secure computing practices to reduce the chances of falling victim to an attack.
Editor’s Note: The opinions expressed in this guest author article are those of the contributors only and do not necessarily reflect those of Tripwire.