Scam Of The Week: IRS Refund Ransomware

Many of us waited till the last moment before the April 15 tax deadline and are now holding our collective breath in expectation of that possibly rewarding refund. The problem is that cybercriminals are very aware of this anticipation and use social engineering tactics to trick tax payers. Knowing that many in America are waiting for word from the Internal Revenue Service concerning pending refunds, the cyber mafia is working hard to get in first with a massive phishing attack that has a ransomware attachment. Here is how the email looks:

IRS Refund Ransomware

The attachment is an infected Word file, which holds a ransomware payload and encrypts the files of the unlucky end-user who opens the attachment, and all connected network drives if there are any. 

I suggest you send this Scam Of The Week to all your friends, family and employees with something like the following message. Feel free to copy/paste/edit:

"Cyber criminals are preying on American tax payers that have made the April 15 deadline and are now waiting to hear about their refund. There is a massive phishing scam going on right now which tries to trick you into opening a Microsoft Word attachment. But if you do, all your files will get hijacked and encrypted. If that happens, you only get your files back after paying around $500 ransom. Remember, think before you click, and do not open any attachments you did not ask for!"

Step employees through effective security awareness training how to stay safe out there on the Wild, Wild, Web. Find out how affordable this is for your organization today. You will be pleasantly surprised.

Get A Quote Now


Hatt Tip to SecureList


Subscribe To Our Blog

Free Phishing Security Resource Kit

Get the latest about social engineering

Subscribe to CyberheistNews