Tax Season Means IRS Email Malware and Scams

As if it’s not bad enough to have the government taking your hard earned money.

It’s time for taxes and the malware and hackers are ready, are you?

Anytime there is a major event, malware and hackers are bound to work some way to infect computers. During tax season, they will try to get you to think they are the IRS. If you think you are replying to the IRS, you are likely to be giving information much more sensitive than your Facebook password to them. What do you need to know?

First, the IRS does not work through email. (period).

You cannot receive an email about tax information from the IRS. They do not use email to contact you. Email is too insecure. They don’t use it. You will not receive an email from the IRS. Do not open it. Do not click on any link that seem to come in an email from the IRS. The IRS does not use email to contact you.

Am I clear? :)

What should you do if you receive an email claiming to be the IRS?

Seal of the Internal Revenue Service
Image via Wikipedia

According to the IRS privacy page, you can forward the email to them. Address the forwarded email to . Delete the email no matter if you forward it to them or not.

Never click a link in an unsolicited email.

Two things can happen if you click a link in an email:

  1. Whoever sent the email can track that they found a live email address, and keep targeting you for more malware at that address (this is if you are lucky).
  2. The website you are taken to may infect your computer with malware (if you are not lucky).

The malware often used in this email phishing scam is known as Zeus.

It is also known as Zbot. It steal your credentials off your computer, including banking information. It then uses your computer as a bot to infect other computers and to launch attacks against other systems (often something called a DDOS attack). Then when the hacker is done with you it can destroy the operating system on your computer (you lose everything on the computer after you lose everything in your bank account).

You can catch Zeus from a hacked website (called a drive-by infection) as well as by email. How is that to brighten your day? It gets better.

Criminals can purchase Zeus malware outright.

Yes, you too can join the ranks of the criminal hacker underground. The basic Zeus admin panel costs just a mere $700. You’ll probably want the .exe builder so you can build your own custom Zeus malware for $4000. No, that is not a joke. I don’t know if there is any sales tax.

Keep your computer updated, use good passwords, have a good anti-virus as well has a good malware killer on your computer. These are all some things in addition to not opening emails from the IRS or clicking links in emails that you are not expecting that will help keep your computer safe.

Sign up for my free email newsletter so you don’t miss an important update to this site.

Reblog this post [with Zemanta]