Fake IRS Notice of Underreported Income

Nothing is certain but death, taxes and

September 15th US taxpayers should file their
2008 tax return, an event that did not escape unnoticed by cybercriminals, who
began another malicious offensive with a medium spam wave. The spam message
used as bait requires the taxpayers to review their unreported or underreported
income statement, providing them with an alleged customized link towards the
IRS Web site.

Fake IRS Form

The link does not lead to the agency portal, but to a Web
page (registered on an .eu domain) that
mimics an on-line form, employing several visual identification components of
the original IRS Web site (namely the logo and the general formatting elements).

fake irs form

The page also provides a link of a purported tax statement
that the user should download and execute. However, upon clicking the user does
not download an e-form, but receives a malicious payload that BitDefender
detects as Trojan.Generic.2436384, which is, in effect, another version of the
infamous ZBot.

This long-lasting Trojan has rootkit components that help
him to install and hide itself on the compromised machines either in the
Windows or Program Files directory. It injects code in several processes and
adds exceptions to the Microsoft

About the author


With a humanities passion and background (BA and MA in Comparative Literature at the Faculty of Letters, University of Bucharest) - complemented by an avid interest for the IT world and its stunning evolution, I joined in the autumn of 2003 the chief editors' team from Niculescu Publishing House, as IT&C Chief Editor, where (among many other things) I coordinated the Romanian version of the well-known SAMS Teach Yourself in 24 Hours series. In 2005 I accepted two new challenges and became Junior Lecturer at the Faculty of Letters (to quote U2 - "A Sort of Homecoming") and Lead Technical Writer at BluePhoenix Solutions.

After leaving from BluePhoenix in 2008, I rediscovered "all that technical jazz" with the E-Threat Analysis and Communication Team at BitDefender, the creator of one of the industry's fastest and most effective lines of internationally certified security software. Here I produce a wide range of IT&C security-related content, from malware, spam and phishing alerts to technical whitepapers and press releases. Every now and then, I enjoy scrutinizing the convolutions of e-criminals' "not-so-beautiful mind" and, in counterpart, the new defensive trends throughout posts on

Balancing the keen and until late in night (please read "early morning") reading (fiction and comparative literature studies mostly) with Internet "addiction", the genuine zeal for my bright and fervid students with the craze for the latest discoveries in science and technology, I also enjoy taking not very usual pictures (I'm not a pro, but if you want to see the world through my lenses, here are some samples, messing around with DTP programs to put out some nifty book layouts and wacky t-shirts, roaming the world (I can hardly wait to come back in the Big Apple), and last but not least, driving my small Korean car throughout the intricacies of our metropolis's traffic.