The US Internal Revenue Service kicked off the 2012 tax filing season on January 4, and malware peddlers haven’t waited much to begin targeting users with tax-themed spam emails.
Trend Micro recently spotted one that seems to come from US-based financial organization Fidelity Investments, supposedly sending the user’s statement:
Unfortunately, the attached zipped file is not what the email claims it to be. Instead, the user is tricked into downloading and running a variant of the Zeus Trojan, which monitors finance-related online activity and steals online banking and other login credentials.
US users are advised to be extra careful when dealing with unsolicited emails, and to remember that the tax season ends on April 17 and that until that date – and even some days after the deadline – they are likely to receive many more tax-themed malicious emails.