Welcome to our unaccompanied tours (UT) blog, Foggy Bottom Rambles! We can share information, programs, and resources quickly with you and since blogs are a two way street, we (and the other readers) can hear from you. What's in a name you say? This blog reflects how we (back here in DC, Foggy Bottom area) provide information (rambles) to you. Find websites and information, upcoming webinars, programs and events. FLO does not endorse organizations or companies linked-to in this blog, the views they express, or the products/services they offer. Let us know what you think: contribute to the blog or email us at FLOAskUT@state.gov.
Tuesday, March 30, 2010
US Tax Season Phishing Scams and Malware Campaigns
Now as in the past, we are receiving reports of an increased number of phishing scams and malware campaigns that take advantage of the United States tax season. Due to the upcoming tax deadline, be reminded to remain cautious when receiving unsolicited emails that could be part of a potential phishing scam or malware campaign.
These phishing scams and malware campaigns may include the following: information that refers to a tax refund, warnings about unreported or under-reported income, offers to assist in filing for a refund, or details about fake e-file websites. These messages, which appear to be from the IRS, may ask users to submit personal information via email or may instruct the user to follow a link to a website that requests personal information or contains malicious code.
At this time, the Department of State and US-CERT are aware of public reports indicating that there is active circulation of a tax season malware campaign. This malware campaign may be using malicious code commonly known as Zeus or Zbot.
US-CERT encourages users and administrators to take the following measures to protect themselves from these types of phishing scams and malware campaigns:
• Do not follow unsolicited web links in email messages.
• Refer to the IRS website related to phishing, email, and bogus website scams for scam samples and reporting information.
• Pay attention to ISSO and DS notifications.
• Refer to the Recognizing and Avoiding Email Scams document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.
Thank you for your attention and support in keeping our IT systems safe.