Cybersecurity researchers have uncovered a global malware campaign exploiting tax season to target financial institutions and individuals through phishing emails impersonating tax agencies like HMRC, Intuit, and myGov. Attackers use fraudulent messages about tax refunds, overdue payments, or account updates to steal credentials and deliver malware. Notable malware strains include Rhadamanthys, which executes PowerShell commands via malicious JavaScript, and Voldemort, a backdoor disguised as a PDF using Google Sheets for command-and-control. The campaign has impacted thousands of organizations, with over 40,000 Intuit-themed phishing emails sent in the US alone. To mitigate risks, businesses should implement multi-factor authentication, educate employees on phishing threats, and deploy advanced security measures like email filtering and monitoring. Continue here.
