A new malware campaign targeting Windows users has been identified, using fraudulent Indian Income Tax assessment pages to deliver malicious payloads. Security researchers are tracking the operation as TAX#TRIDENT, which relies on social engineering tactics to compromise victims.

The attack begins when targets encounter fake tax assessment or penalty notification pages that impersonate legitimate Indian tax authority communications. These fraudulent pages are designed to create a sense of urgency, pressuring victims into taking immediate action on supposed tax issues or penalties.

The technical delivery mechanism involves prompting victims to download what appears to be an official document related to their tax assessment. These files are typically packaged as ZIP archives, which contain malicious executables or scripts. When victims extract and open the archive contents, the malware payload is deployed on their Windows systems.

The campaign poses significant risks to both individual taxpayers and organizations in India. By exploiting the authority and urgency associated with tax communications, attackers can achieve high success rates in convincing victims to execute malicious files. The specific malware families being distributed and their capabilities have not been fully detailed in available reporting.

Windows users, particularly those in India or dealing with Indian tax matters, should exercise extreme caution with any unexpected tax-related communications. All tax assessment notices should be verified directly through official government portals or by contacting tax authorities through established channels. Users should avoid downloading attachments from unsolicited emails or suspicious websites, and maintain updated antivirus software to detect known malware signatures associated with this campaign.

Source: https://gbhackers.com/fake-tax-assessment-pages/