Trend Micro has recently reported in their blog that a new ransomware called PowerWare is targeting tax program files. So far, it has attacked files with extensions *. tax2013 and *. tax2014 in addition to others, such as *.docx, *.xls—but it is reasonable to expect that this Trojan can be quickly modified by criminals to attack the latest tax-filing program extensions.
The infection is currently spread via infected Microsoft Word documents attached to SPAM emails masquerading as invoice notifications—similar to the way the Locky ransomware is spread.
Individuals using tax software are vulnerable as a ransomware attack can delay or prevent an individual from filing their taxes on time.
Tax Preparers and Accountants should be particularly concerned since criminals will probably expand their attack vector to include files created by professional tax preparation programs as well.
Joseph Imperato Sr. is the Managing Partner for XSolutions Consulting Services, a Managed Services Provider (MSP) delivering Computer Support, Business Continuity, Cloud Services, and IT Consulting to New York, New Jersey, and Connecticut businesses. Call us at (845) 362-9675 and see how we can help your company.