Summary: Microsoft has issued warnings about multiple phishing campaigns utilizing tax-related themes to distribute malware and steal credentials. These campaigns employ sophisticated methods like URL shorteners and QR codes to mask malicious intent while targeting thousands of organizations, especially in the U.S. The attacks often involve a phishing-as-a-service platform, RaccoonO365, and various malware types, including remote access trojans and information stealers.
Affected: Organizations in the United States, particularly in engineering, IT, and consulting sectors.
Keypoints:
- Phishing campaigns leverage tax themes, using URL shorteners and QR codes in malicious emails.
- Distributed malware includes BRc4 and Latrodectus, with campaigns targeting over 2,300 organizations.
- Delivery methods include PDF attachments with links to fake login pages and malicious Excel files that rely on macros.
- The attackers rotate their approach, using legitimate services and social engineering tactics to bypass security measures.
- Organizations should adopt phishing-resistant authentication methods, use secure browsers, and enhance network protection to mitigate risks.
Source: https://thehackernews.com/2025/04/microsoft-warns-of-tax-themed-email.html