Beware! Fake tax mails may have Trojans
The mails stating that money has been deducted contain an attached file that claim to be a receipt for the payment.
New Delhi: Cybercriminals are targetting India, the US and other countries with fraudulent “tax deduction” emails to steal information, security software firm Symantec said.
“During the last three months, Symantec has observed malicious emails claiming to be from India’s income-tax department. The report shows 43 per cent of these scam emails were delivered in India, followed by the US (20 per cent), and the UK (14 per cent),” Symantec senior security response manager Satnam Narang said.
He added that there have been at least two types of emails in circulation — one that claims that thousands of rupees have been deducted from the recipient’s bank account as a tax payment and the other copies the template of an actual intimation sent by the I-T department.
Mr Narang said the activity could grow further towards the closing of the financial year as people file their income and other taxes.
“While each email differs in its template, the goal is the same: to infect computers with an information-stealing Trojan that logs keystrokes. It also collects system information like titles of open windows and the operating system version that is sent back to attacker command and control server,” he said.
The mails stating that money has been deducted contain an attached file that claim to be a receipt for the payment. The alleged receipts are ZIP files that contain information-stealing malware that Symantec detects as Infostealer.Donx, he said.
On the other hand, the authentic looking mail with the PAN contains an attached ZIP file that is not password- protected.
“Contrary to what the email claims, the ZIP file does not contain a PDF. Instead, it contains another information-stealing Trojan that Symantec detects as Trojan.Gen,” Mr Narang said.