Skip to main content

Internet spam imitates Revenue Service Web

Published July 01. 2011 05:01PM

The Department of Homeland Security said there is a large scale spam campaign underway in which attackers are using fairly well-crafted emails that appear to come from the IRS to infect victims with the Zeus bot.

The attack has been ongoing for a couple of weeks now, and researchers say that although the attackers have taken some precautions to prevent analysis of the sites and malware being used, they also made some key mistakes.

The Zeus-laden fake IRS emails are convincing enough to have snared more than a few victims. The subject line typically says something like, "Federal Tax payment rejected" or "Your IRS payment rejected", and the sender's address is spoofed to include the domain.

The body of the emails often have a couple of spelling and grammatical errors and include a link to a PDF file. That file directs the victim to a download that will drop the Zeus binary on his machine. From there, it's game over for the user.

Zeus is proving to be one of the more venerable and flexible crimeware kits in recent years.

It's been used in dozens and dozens of attacks and has infected millions of machines over that time.

The source code for one version of Zeus was leaked recently, leading researchers to predict that more attacks involving the kit would be in the offing as more attackers get access to a tool that was previously out of their reach.

Classified Ads

Event Calendar


October 2017


Upcoming Events

Twitter Feed


Bombers get creative with parade floats

40.8014826, -75.6101867

Some of Palmerton’...

Man faces charges for shooting his dog

40.8014826, -75.6101867

Charges have been...

Extension hosts annual dinner

40.7986942, -75.8104747

The Carbon County Ex...

Reader Photo Galleries