1 min read

Fake HMRC Notice of Underreported Income

Răzvan LIVINTZ

January 15, 2010

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Fake HMRC Notice of Underreported Income

Several months ago I wrote an alert
about cybercriminals targeting US taxpayers
who were supposed to e-file
their previous year tax return. As the Self Assessment Tax Return and Pension Schemes
Filing deadline are knocking at the doors of the UK taxpayers, it looks like the
malware dissemination scheme simply crossed the ocean and start endangering the
unsuspecting subjects of Her Majesty.

The unsolicited message used as bait – which requires the users
to review their underreported income statement – is identical with the one
previously used to deceive IRS recipients, as you can see below:

HMRC

The alleged customized link does not lead towards Her
Majesty Revenue & Customs’ Web site, but to Web page (registered on a
Tuvalu islands – .tv – domain), which
mimics a personalized download location, employing several visual
identification elements of the original site (registered on gov.uk
domain), such as the logo, header or formatting elements.

HMRC

The page also provides a link of a purported tax statement that the user
should download and execute. However, upon clicking the user does not receive
an e-form, but a cocktail of malicious payloads, employed earlier this week in another
malware campaign using Microsoft

tags


Author


Răzvan LIVINTZ

I rediscovered "all that technical jazz" with the E-Threat Analysis Team at Bitdefender, the creator of one of the industry's most effective lines of internationally certified security software.

View all posts

You might also like

Bookmarks


loader