This makes it the perfect time for the threat actors to target the taxpayers, hoping they will open the malicious files.

Microsoft has warned of the phishing attack, which targets taxpayers and accounting companies.

Attacks install Remote Acess malware that allows them to gain initial access to the corporate network.

The attacks target taxpayers & accounting firms that deliver Ramcos Remote Access Trojan (RAT).

The VBS file will download a decoy PDF file to open in its Microsoft Edge to avoid causing suspicion.

The threat attackers spread further through the network to steal data and install other malware.

These phishing activities use tax-related themes. Unusually, this campaign only targets individuals & tax firms.