The State Tax Service of Ukraine has reported a new large-scale cyberattack: fraudsters are sending emails that supposedly come from the SFS to deceive citizens and gain access to their computers.
This is reported by Finway
Signs of Phishing Messages
According to the tax service, the attackers disguise their email addresses as official ones, such as [email protected] or [email protected]. The real SFS has no connection to these addresses. Fraudsters use subjects like “Urgent Message: Clarification of Tax Reporting Following an Audit” to attract attention.
“Fraudsters disguise their addresses as supposedly belonging to the SFS, which actually have no relation to the tax service ([email protected], [email protected]). The subject of the messages is ‘Urgent Message: Clarification of Tax Reporting Following an Audit,'” the tax service informs.
The text of the emails contains attachments in .zip, .rar formats, as well as files with .scr or .exe extensions, which are particularly dangerous. Opening such files leads to the infection of the computer with malware, allowing attackers to gain unauthorized access to the victim’s device.
Recommendations for Users
The SFS emphasizes that it does not send such emails and urges Ukrainians to be cautious. Experts recommend following basic cyber hygiene rules:
- Do not open attachments in suspicious emails.
- Be cautious even if the sender’s address seems legitimate, as addresses can be spoofed.
- If possible, verify the authenticity of the email by checking with the sender whether it was sent.
- Follow general safety rules when working with email and online resources.
The tax service also reminds of the real danger of personal computers being infected with viruses contained in attachments to phishing messages. Ukrainians should remain vigilant and not fall for the provocations of fraudsters.