Microsoft warns of tax-themed phishing campaigns as Tax Day approaches, where attackers use social engineering to steal credentials and deploy malware. Techniques include URL shorteners, QR codes, and fake IRS notifications leading to malicious downloads, such as BruteRatel and Latrodectus. Microsoft’s recommendations for protection emphasize user education, advanced anti-phishing solutions, and using tools like Microsoft Defender Office 365 to block suspicious emails.
Threat Actors Leverage Tax Season to Deploy Tax-themed Phishing Campaigns
