Security News > 2022 > March > Emotet malware campaign impersonates the IRS for 2022 tax season
The Emotet malware botnet is taking advantage of the 2022 U.S. tax season by sending out malicious emails pretending to be the Internal Revenue Service sending tax forms or federal returns.
Emotet is a malware infection distributed through phishing emails with attached Word or Excel documents containing malicious macros.
Once Emotet is installed, the malware will steal victims' emails to use in future reply-chain attacks, send further spam emails, and ultimately install other malware that could lead to a Conti ransomware attack on the compromised network.
In a new report by email security firm Cofense, researchers have spotted multiple phishing campaigns impersonating the Internet Revenue Service that use lures related to the 2022 U.S. tax season.
These emails pretend to be the IRS sending the recipient their 2021 Tax Return, W-9 forms, and other tax documents commonly required for the tax season.
While the email subjects and text of the IRS-themed emails vary, the general lure is that the IRS is contacting your business with either completed tax forms or ones you need to fill out and return to them.