Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Thursday April 16 2015, @12:55PM   Printer-friendly
from the gone-phishin' dept.

If you filed your IRS (US Internal Revenue Service) income tax forms through someone else, and that list gets into the hands of phishers, do you think you could detect it?

A lot of people fall for this. Hard. Gizmodo reports:

A lot of people are falling for them: A study of 150,000 phishing emails by Verizon partners found that 23 percent of recipients open phishing messages, and 11 percent open attachments. Is that not crazy? One in 10 people opens an attachment when they have no idea what they’re opening.

And it happens fast: It takes an average of 82 seconds from the time a phishing campaign is launched, until the first sucker bites. And this isn’t just phishing in people’s Gmail accounts. It’s happening on sensitive business and government accounts where the targets should theoretically know better.

Another article in Wired is reporting:

Typically, it takes months if not years to uncover a breach. In 2012, for example, FireEye reported that the average cyber-espionage attack continued unabated for 458 days before the victim discovered the hack.

[More after the break.]

I have received numerous phishing emails. So far, I have recognized them because I knew the people I am dealing with and when something outlandish comes up, I call 'em. However, these days, who knows anybody at these big, monolithic, and automated tax-collection centers, and who wants to take the risk that an ignored IRS email is indeed fake?

I have been holding out as long as I can against having anything to do with the government on the internet. I flat out do not trust the internet when it comes to email. Any of us can tell if it's some casual friend chitchat, but when mail arrives looking like it's from your bank and money is involved, it gets noticed. With the the advent of things like Electronic Funds Transfer, things can happen behind our back, and we ignore the email at our peril....

Many of us here know just how easy it is to make an extremely legitimate looking business email. It would really bother me to receive demands from compliance from some entity purporting to represent the IRS via email, with no way for me to know for sure it's bogus without taking the bait.

How many of you filed your IRS returns electronically? How do you protect yourself from phishing attacks?

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Informative) by Anonymous Coward on Friday April 17 2015, @12:47AM

    by Anonymous Coward on Friday April 17 2015, @12:47AM (#171803)

    Should have forwarded that file to virustotal: https://www.virustotal.com/en/documentation/email-submissions/ [virustotal.com] At a minimum, I'd found it interesting how many spotted it and it would help spread immunity to more people.

    Starting Score:    0  points
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  

    Total Score:   1  
  • (Score: 1) by Kymation on Friday April 17 2015, @02:07AM

    by Kymation (1047) Subscriber Badge on Friday April 17 2015, @02:07AM (#171846)

    Here's the result (with a bunch of "found nothing" scrubbed out)

    ------------------------------------------------------------------
    Complete scanning result of "confimation_3098-2344342.doc", processed in VirusTotal at 04/17/2015 03:32:51 (CET)

    [ file data ]
    * name..: confimation_3098-2344342.doc
    * size..: 46080
    * md5...: ad5cc5269322f4eac92f229e9a7afb27
    * sha1..: 1b2ab5ffa51943e1ea700dc6d0937cd2784824fc

    [ scan result ]
    Ad-Aware 12.0.163.0/20150417 found W97M.Downloader.LH
    BitDefender 7.2/20150417 found W97M.Downloader.LH
    Comodo 21794/20150417 found TrojWare.W97M.Agent.~AA
    ESET-NOD32 11487/20150417 found VBA/TrojanDownloader.Agent.OK
    Emsisoft 3.0.0.600/20150417 found W97M.Downloader.LH (B)
    F-Secure 11.0.19100.45/20150416 found W97M.Downloader.LH
    GData 25/20150417 found W97M.Downloader.LH
    Kaspersky 15.0.1.10/20150417 found Trojan-Downloader.MSWord.Agent.it
    MicroWorld-eScan 12.0.250.0/20150416 found W97M.Downloader.LH
    Sophos 4.98.0/20150417 found Troj/DocDl-LS
    TrendMicro 9.740.0.1012/20150417 found W2KM_BARTALEX.UK
    TrendMicro-HouseCall 9.700.0.1001/20150417 found W2KM_BARTALEX.UK
    ------------------------------------------------------------------

    As I suspected, it's an MS Word macro designed to download something nastier. I doubt that I could get it to work in Libre Office, and even if I could, the payload would have some problems with infecting Linux.

    Still not going to try the experiment.

    • (Score: 1) by anubi on Sunday April 19 2015, @02:24AM

      by anubi (2828) on Sunday April 19 2015, @02:24AM (#172682) Journal

      Yeh... sure is risky opening attachments in Email.

      I am surprised businesses haven't gone after Microsoft big-time for sloppy file processing, the way a restaurant would go after someone sending them dirty produce.

      A business looks so sloppy these days if they include attachments to their business communication.

      --
      "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]