Security Awareness – Emotet Impersonating IRS in New Phishing Scam

The infamous malware botnet Emotet continues to resurge and propagate through persistent scams. Recently, Emotet was observed in a campaign leveraging tax season themed lures and impersonating the IRS to trick victims into downloading the malicious botnet. In these new campaigns, Emotet threat actors send out supposed “tax documents” for recipients to view or fill out and return to the sender. Victims are prompted to open zip files designed to mimic tax documents such as W-9 forms that are often Word or Excel files containing malicious macros which enable the download of the Emotet malware. Black Lotus researchers note there are now around 200 unique command-and-control servers supporting Emotet’s activities. Emotet infections can lead to successful deployment of Conti ransomware. Moreover, to defend against this activity members are encouraged to carefully scrutinize suspicious emails and are reminded that the IRS will never contact you via email. Read more at BleepingComputer.