New Ransomware Email Scam Using FBI and IRS as Bait

Email scams have become so common nowadays that every other day there’s a new one. The only difference is the way scammers try create genuine looking emails so that recipients are lured into opening them and clicking on the malicious attachment.

There is a new email scam in which residents in Connecticut, United States are receiving fake emails attached with malware. This time scammers have disguised this malware containing emails into Federal Bureau of Investigation (FBI) and Internal Revenue Service (IRS) official emails. Therefore, the IRS and the Department of Revenue Services (DRS) are collaborating to spread the word about the new email scam. The primary targets of this new scheme are the taxpayers mainly in Connecticut.

Related: Firm loses $44m due to an online email scam

Kevin Sullivan, DRS’ commissioner, states that the purpose of this email scam is no different than the rest of them. Scammers are trying to obtain “personal information, passwords, and money,” notes Sullivan, cyber criminals are using every possible trick to lure users into “clicking a link or opening an attachment.”

IRS Commissioner John Koskinen has termed this scam as another twist to the already tried and tested formula of email ransomware scam as it also involves fake, inauthentic emails posing to be sent by reliable institutions with the sole objective of hijacking computer data and take cash in exchange for it.

Let’s have a look at the fake emails that supposedly are sent by the IRS and FBI.

Recipients are requested to download a questionnaire by clicking on a link present in the email. This questionnaire is allegedly property of the FBI, and the bureau wants the user to fill up the form in order to understand the new changes in the tax compliance law. However, the changes are false and so is the link because it doesn’t take the user to FBI’s questionnaire but download ransomware on the computer.

Email screenshot (IRS)

Ransomware is different from spyware; it is a malicious software that hijacks all the data stored on a device and victim can reclaim it only after fulfilling the demands of the scammers usually in the form of cash or crypto currency.

You might very well be acquainted with the prevention techniques so far but once again let us remind you never to open emails from unidentified or suspicious senders and never click on unreliable email attachments no matter how genuine you feel these might be.

The warning alert issued by Commissioner Sullivan can be read here:

Related: How To Prevent Growing Issue of Encryption Based Malware (Ransomware)

This is not the first time when a ransomware scam has hit users in the name of IRS. In 2015, Internet users through out the United States were targeted by ransomware via fake IRS tax return emails in which hackers were using compromised servers in China.

Carolina

Carolina works for HackRead as a technical writer. She is a Brazilian traveller who has been to almost every country around the world. She has a keen interest in technology, gadgets and social media.