Well, it’s hard to believe that is the start of February already.  Where did January go?  It seems like that Christmas and New Years are still here, in some ways.  Now that as ramp up close to the midway point of Q1, the next item for both businesses and individuals alike is now getting ready for tax season. 

Of course, this is not a time of year that we Americans look forward to, but we have to pay our dues somehow to Uncle Sam.

I hope that all of you out there get a great refund, and if you do have to pay, it won’t break your bank either.  Make sure to take all of the deductions that you can!!! I know I will be for sure.  But, this theme of tax season underscores one important fact: 

This is one of the times that the Cyberattacker will come out and do everything they can to hook you in completely in giving out your Personal Identifiable Information (PII).

It is important to keep in mind that the Cyberattacker will not come after individuals per se.  After all, they have done this before many a time, and to them, you are no longer exciting bait to them, unfortunately.  But what they are most interested in now is the hitting the IRS and the accountants with all of the might that they have. 

This will range from creating phony IRS websites to even hacking into your accountant’s database.  That way, you should talk to your accountant first to see what kind of security measures they have put in place before you allow he or she to file your tax return. 

Likewise, you need to be extremely careful of any spam phone calls that you might get, text messages, and yes, of course, who can forget those Email messages.  Just remember to have you guard up.

If you do notice anything fishy (no pun intended) going on, always report it to the IRS, your accountant, and if need be, your local law enforcement and even FBI.  After all, in the end, the Cyberattacker wants to get to your tax refund, so the FBI will be quite interested in hearing from you if you notice any suspicious.

But keep in mind that it is not just tax season when the Cyberattacker comes out, they can come out whenever they feel like it.  But most of the time, it is during those times of the year when the transaction of financial information/data and PII take place. 

Two of these other times are during Black Friday/Cyber Monday, and during the Christmas season.  But another time when they can come out of their hidings is also when either a natural or physical disaster has struck or is in process of happening.

The example of this is actually happening right now, before our very own eyes.  As I am sure you have all heard, the Coronavirus has unleashed its full might, upon countries on a global nature.  It is believed that this contagion first started in China, and from there, has spread itself like wildfire. 

Because of this, the financial markets have taken a toll (especially last Friday, when the DOW tumbled over 600 points, its worst drop since last fall), and many of the US airlines have now completely suspended flights coming to and out of China until at least the summer time.

While this incident is very unfortunate and resulted in the loss of human life, the Cyberattacker is now taking of this situation in order to lure in unsuspecting victims.  The first confirmed reports of this new threat variant were disclosed by a special task force from IBM, known specifically as the “IBM X-Force Exchange”, and their detailed report on this new kind of Cyberattack can be downloaded here, at this link:

https://exchange.xforce.ibmcloud.com/collection/18f373debc38779065a26f1958dc260b

Apparently, this is the first Cyberattack to take advantage of this global crisis.  But what makes this kid of threat variant more lethal than the others is that it deploys what is known as the “Emotnet Trojan”.  This kind of malware is actually deployed in a Word document attachment and has been sent by an organization supposedly based in Japan that delivers welfare related services.

The text of the Email claims that this Word document contains specific instructions on how to take certain preventative measures in keeping yourself and your family from the Coronavirus.  This special team at IBM tested this infected Word doc in a sandbox environment, and if the unsuspecting victim opens up this attachment, a specialized VBA script then installs itself onto the computer or wireless device of the victim.

From here, the damage is then done.  The Cyberattacker now has all sorts of covert backdoors by which they can access the folders and files of the unsuspecting victim, and even install key logging software so that all keystrokes can be collected, recorded, and reconstructed to see where the valuable PII may reside at.

My Thoughts On This

Well, certainly don’t expect this to the be the last threat vector to emerge from the Coronavirus epidemic.  There will be many others to follow, depending upon how long this crisis lingers and until up to the point where it is no longer making news headlines.  Even this special taskforce from IBM is warning about this as well.

But in my opinion, be especially leery of those Emails and even phone calls that you may get asking for donations from charities that appear to be legitimate in nature.  Once again, although these websites may look real, more than likely, they are spoofed websites. 

So, you may be thinking that you are donating to a genuine and legitimate organization, but most likely, you will probably be sending money to some overseas bank account that is fraudulent in nature.

In these instances, the Cyberattacker will prey upon one of the most fundamental human instincts – which is that of fear.  If you ever receive an Email, phone call, or even a snail mail, it is important to keep your emotions in check and decide for yourself if this is legitimate correspondence or not.  I

if you have any doubts whatsoever, always contact the sender to see if they have sent this material to you.  That is probably your safest bet.

And of course, take the usual steps as well to protect your self from Phishing Email.  This can be done by even initiating a simple Google search, and you will see all sorts of tips and recommendations.  Honestly, I detest when a Cyberattacker takes advantage of a horrible situation like this. 

But this is what Social Engineering attacks are like – preying upon people’s emotions when they are at their climax, thus making them vulnerable to do just about anything.