May 20, 2020
Our partner, AppRiver, has discovered yet another scam that you should be on the lookout for. This attack is looking to harvest social security numbers. The emails were carefully crafted and customized to the end-user and purported to come from the IRS. The recipient’s full name was included both in the subject and in the body of the message to lend credibility to the attack. It informed the recipient of “important changes in your records” and included an HTML attachment.
The page(attachment) delivered in the message was, of course, IRS branded and simply contained two fields to gather names and corresponding social security numbers.
There are a vast number of ways that this information can then be monetized. It is important to note that the IRS will never send this type of communication in an unsolicited manner.
Read more: https://bit.ly/2ZeZDI9
Posted by Jason Casteel, IT Services Manager