Phishing campaigns have been discovered targeting the Australian Tax Office with malware undetected by most anti-virus engines.
The ATO trojan delivered to users, at at time when many were receiving tax returns, was detected by 14 of 47 anti-virus engines, according to a Virus Total analysis.
It contained a spoofed email address linked to payroll provider ADP and appeared to use body text not used in other phishing scams to con users into opening the ATO_TAX_16072013.zip malicious Microsoft Word attachment .
It contained the subject "Australian Taxation Office - Refund Notification" with body text that read "after the last calculation of your fiscal activity we have determined that you are eligible to receive a refund of 6731.76 AUD."
The banking phishing attacks delivered a trojan packed into the attachment SecureMessage.zip.
The email text and attachment file name have been used in attacks against banks dating to at least December last year.