CPAs targeted with new phishing attack amidst the rush of tax season
Microsoft has recently warned of a new phishing campaign aimed at accounting firms and tax preparers. This new scam employs a type of malware called Remcos that allows hackers initial access to corporate networks. With tax season coming to a close, cybercriminals are taking advantage of the increased workload on accountants, hoping to trick them into opening malicious files they would typically avoid when less busy.
The phishing campaign begins with emails that appear to be from clients, sending necessary documents to complete their tax returns. Threat actors design these emails to be convincing, hoping tax preparers will unwittingly click on the included links or attachments.
Source: Microsoft
However, these links lead to file-hosting sites that download a ZIP archive, containing files that mimic various tax forms, but in reality, are Windows shortcuts.
Source Microsoft
The malware called Remcos is a remote access trojan. Once clicked and deployed on a device, the attackers can move further through the network, stealing data, and deploying additional malware on other devices connected to the network.
As accountants hold highly sensitive data for individuals and corporations, a data breach in this type of organization could significantly harm a large group of people. This makes it essential for accountants and tax preparers to be aware of the risks of phishing attacks and take appropriate steps to protect their networks and data.
To avoid falling victim to phishing campaigns, it is crucial to exercise caution when opening emails and clicking on links. You should only click on links or download attachments from trusted sources and avoid emails that ask you to provide personal or financial information, even if they appear to be from a legitimate source.
Businesses must remain vigilant in the face of cyber threats and ensure that their employees are aware of the risks and the best practices for staying safe online. This includes having robust security measures in place, such as anti-virus software, firewalls, and encryption, as well as regularly training staff on the latest threats and how to avoid them.
Ultimately, by taking proactive steps to protect their networks and data, businesses can reduce the risk of a devastating cyber attack. It’s essential to remember that cyber threats are a serious concern for all organizations, particularly those that hold sensitive data. Therefore, it is critical to remain vigilant and aware of the risks and take appropriate action to stay safe online.
With over 25 years of experience, we at Motiva Networks can help you plan and see if your data has been compromised with a Free Confidential Cybersecurity Risk Assessment. Or you can schedule a quick 10-minute call to discuss the best options for your Agency or small business, or go over any questions you might have HERE.
Walter Contreras
Walter Contreras has over 25 years of experience in information technology, including cybersecurity, with a focus on the Insurance Industry. As both a computer scientist and a graduate of the Columbia University Business School’s Executive MBA program, Walter understands how the world’s digital transformation is impacting small and medium businesses. His mission is to deploy information technology to protect and empower entrepreneurs.
