U.S. Flag Official website of the Department of Homeland Security

US Tax Season Phishing Scams and Malware Campaigns

Original release date: March 26, 2010 | Last revised: October 23, 2012

In the past, US-CERT has received reports of an increased number of phishing scams and malware campaigns that take advantage of the United States tax season. Due to the upcoming tax deadline, US-CERT reminds users to remain cautious when receiving unsolicited email that could be part of a potential phishing scam or malware campaign.

These phishing scams and malware campaigns may include the following: information that refers to a tax refund, warnings about unreported or under-reported income, offers to assist in filing for a refund, or details about fake e-file websites. These messages, which appear to be from the IRS, may ask users to submit personal information via email or may instruct the user to follow a link to a website that requests personal information or contains malicious code.

At this time, US-CERT is aware of public reports indicating that there is active circulation of a tax season malware campaign. This malware campaign may be using malicious code commonly known as Zeus or Zbot.

US-CERT encourages users and administrators to take the following measures to protect themselves from these types of phishing scams and malware campaigns:

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top