Scammers will use anything to target businesses, including tax forms. A new phishing campaign is spreading a malicious program disguised as documents from the IRS. With the tax season in full swing soon, business owners must take extra precautions to protect sensitive company data.

Emotet Phishing Campaign Targets Taxpayers

Emotet is one of the most widespread malware programs in recent years. The latest emotet phishing campaign targets taxpayers. It impersonates the IRS and other private organizations, sending emails containing phony Form W-9 attachments.

When someone falls for the scam and installs the emotet on their computer, the malware will steal data and take control of their email. It will send spam emails using the target’s account to spread other malicious programs.

Obvious Emotet Phishing Signs to Look Out For

The Emotet phishing emails may seem legitimate, but some telltale signs give them away. The malicious emails have an attached Zip file. It contains a Word document that is supposedly the Form W-9. But you can tell it is fake because it is over 500 megabytes. No ordinary Word document is ever that big.

In addition, Microsoft has disabled macros from operating on the system. A security warning will appear when a user tries to open a malicious Word document, saying it contains blocked macros. That is the ultimate warning sign of a phishing scam, so don’t enable the content.

Emotet is trying to circumvent Microsoft’s solution by sending OneNote files instead. When a user opens the attachment, it will say the document is protected and that they must click the “View” button. Once they do, it will cause the embedded VBScript to run. OneNote will display a warning about the potentially malicious script, but inattentive users will launch it anyway.

It is essential to note that legitimate tax documents are usually in PDF form. Be cautious about opening Word, OneNote, and other file types from dubious sources.

How to Minimize Your Risks 

The Emotet phishing campaign can have disastrous outcomes for companies. But you can minimize risk by knowing the warning signs. The same goes for other malicious schemes. If business owners and employees learn about these techniques, they can prevent data loss and stop the spread of malware.

Related Posts - TKS Blog

TKS Newsletter - 2024 December
Here's our December 2024 Newsletter Read the full PDF version here: The TKS Sentinel - December Issue In this month's edition, we discuss: Ransomware Threats PDF Hijacking ...
Read more
voice technology options
Harnessing the Power of Voice Technology
Voice technology is quickly becoming one of the most valuable tools for businesses seeking to improve customer interactions, streamline operations, and cut costs. With...
Read more
TKS Newsletter - 2024 November
Here's our November 2024 Newsletter Read the full PDF version here: The TKS Sentinel - November Issue In this month's edition, we discuss: Dark Web/Work Laptop ActiveX Controls ...
Read more
tips for troubleshooting computer issues
6 Tips To Troubleshoot Network Issues
Identifying The Source - Fast A business network is the lifeblood of operations. The digital artery pumps data through your organization. It enables everything from email...
Read more

Used with permission from Article Aggregator