Australian Taxtime Used by Online Criminals to Infect Computer with Trojans

Loredana BOTEZATU

August 20, 2013

Up to 1 percent of approximately one million spam messages sent worldwide are now directed at Australians as they rush to file tax papers.

According to Bitdefender data, over the past month, cyber criminals initiated three separate spam campaigns impersonating the Australian Taxation Office in an attempt to infect the country’s citizens as Australia entered the tax season.

The above graphic shows the three consecutive spam campaigns: the first attack registered approximately 6,000 incidents on July 15th, followed by a second wave of some 4,000 spam e-mails on July 23rd. The third hit was also the campaign peak and occurred on the 6th of August, when circa 10,000 spam e-mails were aimed at Australians. This sort of malicious outbreak is expected to grow heavier and more targeted as tax time approaches its deadline in October.

Attackers hope their targets are too concerned with their financial duties to double check the sender’s address and discover the con.

The bogus e-mails use slight variations of the following body message: “TAX REFUND NOTIFICATION. After the last calculation of your fiscal activity we have determined that you are eligible to receive a refund of 6441.80 AUD.” Invariably, it instructs the recipients to open the attachment.
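A mail-triage heuristic for the lure described above, as an added example that is not part of the original article or of Bitdefender's tooling: it scores a message on the refund wording, the refund-amount pattern, the presence of an attachment, and a tax-office claim from a non-official sender domain. The `ato.gov.au` allow-list, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr

OFFICIAL_DOMAINS = {"ato.gov.au"}  # assumption: your allow-list of genuine sender domains
LURE = re.compile(r"tax\s+refund\s+notification", re.I)  # tolerant of case and spacing
AMOUNT = re.compile(r"refund\s+of\s+\$?\d[\d,]*(?:\.\d{2})?\s*AUD", re.I)
BRAND = re.compile(r"australian\s+tax(?:ation)?\s+office|\bATO\b", re.I)

def score_message(raw):
    """Return (score, reasons) for one RFC 5322 message supplied as text."""
    msg = message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    body = msg.get_body(preferencelist=("plain", "html"))
    text = str(msg.get("Subject", "")) + "\n" + (body.get_content() if body else "")
    reasons = []
    if LURE.search(text):
        reasons.append("refund-notification wording")
    if AMOUNT.search(text):
        reasons.append("specific refund amount")
    if next(msg.iter_attachments(), None) is not None:
        reasons.append("carries an attachment")
    official = any(domain == d or domain.endswith("." + d) for d in OFFICIAL_DOMAINS)
    if (BRAND.search(display) or BRAND.search(text)) and not official:
        reasons.append("claims tax office, sender domain is " + (domain or "missing"))
    return len(reasons), reasons

def build_sample(sender, subject, body, attach=False):
    """Build a constructed test message; none of this is a captured sample."""
    m = EmailMessage()
    m["From"], m["Subject"] = sender, subject
    m.set_content(body)
    if attach:
        m.add_attachment(b"constructed placeholder bytes", maintype="application",
                         subtype="octet-stream", filename="constructed.bin")
    return m.as_string()

LURE_BODY = ("TAX  REFUND NOTIFICATION. After the last calculation of your fiscal activity we "
             "have determined that you are eligible to receive a refund of 6441.80 AUD.")

if __name__ == "__main__":
    spoof = build_sample("Australian Taxation Office <refunds@mail.example>",
                         "Tax refund notification", LURE_BODY, attach=True)
    print(score_message(spoof))
```

The score is a triage signal for quarantine or analyst review, not a verdict; the display-name check is the automated form of the sender-address double check that recipients skip.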

Once opened, the attachments compromise the recipients' systems with malware that steals users' passwords and login data for their financial accounts.

For each of the three short-lived but aggressive spam campaigns, scammers used three variants of Trojans from the notorious Fareit family as e-mail attachments.

These Trojans steal passwords from the infected system, connect to a command and control center to which they send the identification data of the compromised machine, and download further malicious pieces, among them the banking malware ZeuS. Sometimes they also take part in distributed denial-of-service attacks.

The malicious messages were sent from servers located in the United States and UK, but also in Mexico, Israel, Japan, Philippines, Hong Kong, Kazakhstan and Canada.

Spammers also use reputable Australian banks, including CitiBank, Commonwealth Bank, Bank of Melbourne, and National Australian Bank to lure users with dangerous links and malicious attachments and infect their systems with malware.

Unfortunately, users continue to fall for the oldest trick in the spam book: they click links or open attachments that infect their machines with money-stealing Trojans, or they fill in fake forms and give away sensitive identification or card data to perfect strangers who can later impersonate them in fraudulent acts.

This article is based on the spam samples and the technical information provided courtesy of Adrian MIRON, Bitdefender Spam Researcher; and Cristina VATAMANU & Alexandru MAXIMCIUC, Bitdefender Virus Analysts.
