Zeus cloaked in tax returns

Powered by SC Magazine
 

Bank robbing trojan promises fund transfers.

A large Zeus spam campaign is being delivered via fake emails from the US Federal Reserve and the Internal Revenue Service.

Researchers at Barracuda Labs first spotted the huge uptick in the malicious messages on Monday when the emails were blocked before reaching some 120,000 users within 10 minutes.

The bogus Federal Reserve emails appeared to target staff in charge of an organisation's finances. The body of the messages encourage recipients to click on a malicious link for more information about a wire fund transfer that was not processed.

Users who click on the link are then asked to install an executable, which actually is the data-stealing Zeus trojan, notorious for keylogging the corporate banking credentials belonging to small and midsize businesses, school districts and charities.

"The goal is to steal money from you," Barracuda researcher Luis Chapetti said.

On Wednesday, the fraudsters switched their tactics to leverage the IRS name in their emails. The messages contained the same payload, but victims were told that their federal tax payment was cancelled by their bank and were encouraged to click on the malicious link for further details.

"The potential is there for people to be affected, especially at these volumes," said Barracuda researcher David Michmerhuizen.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


Zeus cloaked in tax returns
 
 
 
Top Stories
Innovating in the sleepy super industry
There’s little incentive to be on the bleeding edge, so why is Andrew Todd fighting so hard?
 
How technology will unify Toll
The systems headache formed through 15 years of acquisitions.
 
Immigration breached Privacy Act with data leak
Pilgrim slams "copy and paste" of asylum seeker data.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  7%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 818

Vote