In the latest narrowcast attack, security researchers warned today, cybercriminals masquerading as the Internet Revenue Service are counting on the gullibility of business executives.
The e-mail attacks try to dupe recipients into opening the attached file by scaring them with a bogus allegation. “You have received a complaint in regards to your business services,” the message begins. “Instructions on how to resolve this complaint as well as a copy of the original complaint are attached to this email.”
Other social engineering tricks used by the attackers include the tax agency’s logo in the message body, an attached Word document named COMPLAINT.rtf, and the message addressed directly to the recipient.