A new phishing scheme has caught the eye of the IRS. The Internal Revenue Service is warning US citizens to be vigilant, as the scam uses logos from both the FBI and the IRS to appear legitimate. The only purpose of the scam is to get users to open and download a file infected with a form of ransom-ware, which infects the user's machine and encrypts their files.
The IRS confirms this is just a fear tactic to get you to open and download the file and that individuals facing tax issues would never receive their first communication from the IRS via email.
Some of the recommendations included in this campaign are worth re-posting:
- Make sure employees are aware of ransom-ware and of their critical roles in protecting the organization’s data.
- For digital devices, ensure that security patches are installed on operating systems, software and firmware. This step may be made easier through a centralized patch management system.
- Ensure that antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
- Manage the use of privileged accounts — no users should be assigned administrative access unless necessary, and only use administrator accounts when needed.
- Configure computer access controls, including file, directory and network share permissions, appropriately. If users require read-only information, do not provide them with write-access to those files or directories.
- Disable macro scripts from office files transmitted over e-mail.
- Implement software restriction policies or other controls to prevent programs from executing from common ransom-ware locations, such as the temporary folders used by popular Internet browsers and by compression/decompression programs.
- Back up data regularly and verify the integrity of those backups.
- Secure backup data. Make sure the backup device isn’t constantly connected to the computers and networks it is backing up. This will ensure the backup data remains unaffected by ransom-ware attempts.
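The two backup recommendations above (back up regularly and verify integrity; keep the backup medium detached) are only useful if you can tell whether a backup set has been tampered with. The following is an added example, not part of the IRS advisory: it records a SHA-256 manifest of a backup set and later re-checks the set, reporting files whose contents changed, files that vanished and files that appeared. Ransom-ware that encrypts a connected backup in place shows up as a long "modified" list; one that renames files shows up as "missing" plus "unexpected". All file names and contents below are constructed for the demonstration.

```python
"""Backup integrity manifest: capture SHA-256 hashes of a backup set and
later verify that nothing was altered, removed or added.

Added example; not from the IRS advisory. File names and contents are
constructed here for demonstration. In practice the manifest must be stored
apart from the backup medium (and ideally signed), otherwise the same
ransom-ware run can encrypt it too.
"""
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path: Path, chunk_size: int = 1 << 16) -> str:
    """Stream a file through SHA-256 so large backups need not fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(backup_root: Path) -> dict:
    """Map each file's path (relative to the backup root, POSIX style) to its hash."""
    return {
        p.relative_to(backup_root).as_posix(): sha256_file(p)
        for p in sorted(backup_root.rglob("*"))
        if p.is_file()
    }


def verify_backup(backup_root: Path, manifest: dict) -> dict:
    """Compare the current backup set against a manifest captured earlier."""
    current = build_manifest(backup_root)
    modified = sorted(p for p in manifest if p in current and current[p] != manifest[p])
    missing = sorted(p for p in manifest if p not in current)
    unexpected = sorted(p for p in current if p not in manifest)
    return {
        "modified": modified,
        "missing": missing,
        "unexpected": unexpected,
        "ok": not (modified or missing or unexpected),
    }


def demo() -> dict:
    """Build a small constructed backup set, capture its manifest, verify it,
    then simulate ransom-ware tampering and verify again.
    Returns both verification results."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "docs").mkdir()
        (root / "docs" / "return-2015.pdf").write_bytes(b"%PDF-1.4 constructed sample\n")
        (root / "payroll.csv").write_bytes(b"name,amount\nalice,100\n")

        # Capture the manifest; serialise it as JSON as it would be stored elsewhere.
        manifest_json = json.dumps(build_manifest(root), indent=2)
        manifest = json.loads(manifest_json)
        clean = verify_backup(root, manifest)

        # Simulated tampering: one file encrypted in place, one removed, a note dropped.
        (root / "payroll.csv").write_bytes(b"\x8f\x11\xa2 encrypted-looking bytes \x00\x7f")
        (root / "docs" / "return-2015.pdf").unlink()
        (root / "HOW_TO_RESTORE.txt").write_bytes(b"constructed ransom note\n")
        tampered = verify_backup(root, manifest)

    return {"clean": clean, "tampered": tampered}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Run the check from a host other than the one that wrote the backup, against a manifest kept off the backup medium; a verification that reads the manifest from the same detachable drive it is checking tells you nothing if that drive was connected during an infection.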
The IRS also actively encourages users to send any IRS-themed phishing scams to phishing@irs.gov.