magnify
Home Hardware & Technology Australian Taxtime Used by Online Criminals to Infect Computer with Trojans
formats

Australian Taxtime Used by Online Criminals to Infect Computer with Trojans

Sydney, Monday, 19 August, 2013 – Up to 1 percent of approximately one million spam messages sent worldwide are now directed at Australians as they rush to file tax papers.

According to Bitdefender data, over the past few weeks, cyber criminals initiated three separate spam campaigns impersonating the Australian Taxation Office in an attempt to infect the country’s citizens as Australia entered the tax season.

The above graphic shows the three consecutive spam campaigns where the first attack registered approximately 6,000 incidents on July 15th, followed by a second wave of some 4,000 spam e-mails on July 23rd. The third hit was also the campaign peak and occurred on the 6th of August when circa 10,000 spam e-mails were aimed at Australians. This sort of malicious outbreak is expected to continue heavier and more targeted as the tax time approaches its deadline in October.

Attackers hope their targets are too concerned with their financial duties to double check the sender’s address and discover the con.

The bogus e-mails use slight variations of the following body message: “TAX REFUND NOTIFICATION. After the last calculation of your fiscal activity we have determined that you are eligible to receive a refund of 6441.80 AUD.” Invariably, it instructs the recipients to open the attachment.

Once accessed, the attachments compromise their systems with malware that steals users’ passwords and login data to their money accounts.

For each of the three shot-lived but aggressive spam campaigns, scammers used as e-mail attachment three variants of Trojans from the notorious Fareit family.

These Trojans steal passwords from the infected system, connects to a command and control center where it sends the identification data of the compromised machine, downloads further malicious pieces among which the banking malware ZeuS and sometimes they take part in distributed denial of service attacks.

The malicious messages were sent from servers located in the United States and UK, but also in Mexico, Israel, Japan, Philippines, Hong Kong, Kazakhstan and Canada.

Spammers also use reputable Australian banks, including CitiBank, Commonwealth Bank, Bank of Melbourne, and National Australian Bank to lure users with dangerous links and malicious attachments and infect their systems with malware.

Unfortunately, users continue to fall for the oldest trick in the spam book and click links or open attachment that infect their machines with money stealing Trojans or fill in fake forms and give away sensitive identification or card data to perfect strangers that can later on impersonate them in fraudulent acts.

###

About Bitdefender®

Bitdefender is the creator of one of the world’s fastest and most effective lines of internationally certified antivirus software. The company is an industry pioneer, introducing and developing award-winning protection since 2001. Today, Bitdefender technology secures the digital experience of around 400 million home and corporate users across the globe.

Recently, Bitdefender won a series of important awards and accolades in the global security industry, including “Product of the Year” by AV-Comparatives, “Best Repair 2012” by AV-Test, and “Editor’s Choice” by PC Mag, that confirmed the antivirus software’s leadership status among security products. More information about Bitdefender’s products is available from the company’s security press room. Additionally, Bitdefender publishes the HOTforSecurity blog, where readers can find stories from the underworld of internet fraud, scams, malicious software – and gossip.