Dynamo’s Blog Warns: Fake Emails Impersonating EFTPS Reaching Internet Users Once Again

Softpedia.com on 10th July, 2013 quoted Dynamo's Blog that a new tax-themed malware-ridden spam email campaign impersonating US's Electronic Federal tax Payment System (EFTPS) is currently targeting Internauts.

Notably, EFTPS is a free service for paying federal taxes electronically using Internet or Telephone provided by the US Department of the Treasury.

Conrad Longmore, a Security Blogger of Dynamo's Blog, has identified a bogus email entitled "Payment File Successfully Processed" which appears to have come from an eftps.gov email address.

The email addresses the recipient as 'Dear Batch Provider' and tells him that this email is being sent to him to inform him that his payment file has been successfully processed. Detailed information regarding the request can be received by logging into the Batch Provider software by clicking on a link curtailed within the email and by executing a Sync request.

The email concludes with "Thank you" on behalf of EFTPS.

The security highlights that users who click on the link are taken to a hacked website which redirects them to a malware-serving page.

Experts observe that these tax-themed spam email-targeting taxpayers are nothing new and cybercriminals attack Inernauts with new twist every time.

The security expert observes that disturbingly it is due to malware ridden spam campaigns of above discussed types, which are leading to a surge in malware over the Internet.

EFTPS has repeatedly published warning about such scam emails on its website and claims that it will never send any unsolicited emails to taxpayers asking them to follow a link and provide any intricate information.

Hence to mitigate the chances of being victimized by spam email campaigns of abovementioned types Internet users are advised not to click on any link in the message and not to reply to such emails. Simply delete them, the security expert advises.

Security experts at security firm GFI Labs feel that it is not the first time that EFTPS has been targeted by scammers. In January 2013, for instance, bogus emails entitled "Payroll declined" purporting to be from EFTPS maligned with Cridex Trojan were reaching inboxes of Internet users.

» SPAMfighter News - 7/17/2013