This content is viewable by Everyone

Apr 2023: Tax-Themed Lures Distribute Malware

Save

Save

Threat Alert: What to Watch For

  • Cybercriminals have launched a series of phishing attacks using a timely tax-themed lure. 
  • The lures imitate the sharing of 2022 tax documents via a Citrix ShareFile link. The lures note that the download expires on April 18, 2023, the tax-filing deadline in the United States. Cybercriminals frequently attempt to create a sense of urgency in their lures. 
  • While the lure claims to be from Citrix, the email’s sending address is from a Google domain.  

Key Action: Report Suspicious Emails

  • Report ANY suspicious emails using the Phish Alarm button in your email menu bar. 
  • Remember: Our organization occasionally sends phishing simulations that are used to evaluate the potential impact of a real phishing attack. Report any emails that match the tactics described above. 
  • If a reported message is a simulation, you will see a notification alerting you to that. No further action is needed on your part. 
  • If a reported message was not a simulation, and you are concerned about a time-sensitive request, you must take additional steps to verify the email is valid before acting on it. 

Tips to Remember (at Work and at Home)

  • Go beyond surface clues. Familiar logos, branding, and names are not automatic indicators that an email is safe. Cybercriminals often imitate well-known organizations.  
  • Verify the legitimacy of any unsolicited/unexpected email before you interact with it, especially if it directs you to click on a link. It can be tempting to click on a “call-to-action,” especially for time-sensitive cases such as alleged tax documents. But if you notice a subtle change or inconsistency within the message, don’t ignore it—report it.
  • Remain alert to phishing indicators. Mismatches between sending addresses and an organization’s name are always warning signs. 
  • Remember that cybercriminals commonly leverage current events in phishing attacks. Annual events like tax season give cybercriminals time to prepare, as well as allowing them to take advantage of the potential stress or urgency this time of year can bring.  
Phish Indicators on Tax Lure