If you receive a suspicious email that seems to be from the tax authorities (or your bank, your insurer, the social security authorities or even your telephone operator), never click on any links in the message, and never open any attachments. — AFP Relaxnews
A new malware, dubbed Voldemort, is currently wreaking havoc worldwide. It lands as a message supposedly sent by the tax authorities, fooling Internet users into unwittingly installing spyware on their computers.
Cybersecurity company Proofpoint has identified a new threat in the form of malware called “Voldemort”, named after the famous Dark Lord from the Harry Potter series of novels and movies. To fool people worldwide, the hackers involved pose as various tax authorities in Europe, the USA and Asia, such as the Internal Revenue Service in the US, the UK's HM Revenue & Customs or France's Direction Générale des Finances Publiques.
They send emails supposedly notifying recipients about changes to their tax filings. "Each such was customized," reports Proofpoint, "and written in the language of the authority being impersonated." In the UK, the scam takes the form of an email stating: "We are writing to inform you of important updates to the UK tax rates and tax system that may impact your tax records. As part of our commitment to ensuring accurate and efficient tax management, it is essential that we update our records to reflect these recent changes." A link then offers to take users to "Guide SA150," supposedly to help them review and update their tax records.
This document is, in fact, completely fake, and contains the Voldemort malware, which installs itself on the computer to retrieve as much personal data as possible. It can be used to execute commands remotely and navigate computer files to steal confidential data.
Since Aug 5, 2024, Proofpoint has counted over 20,000 malicious messages that have already impacted more than 70 organizations worldwide, including insurance companies.
However, there are a number of clues that should raise doubts in the minds of those who receive this email, starting with the phrase "Dear Taxpayer," a generic greeting unlikely to be used by the authorities.
More broadly, if you receive a suspicious email that seems to be from the tax authorities (or your bank, your insurer, the social security authorities or even your telephone operator), never click on any links in the message, and never open any attachments.
If in doubt, the best thing to do is log into your account directly via the relevant organization's website or application to check whether or not the information is correct. – AFP Relaxnews
