Ask Score: Be ready for an email malware attacks

November 29, 2018 GMT

In my last column, I urged small business CEOs to be prepared for emergencies and to plan for it. Today, I will follow-up with a prime example of what is happening.

A local CEO just called me to report that her company had been attacked by an email which an employee opened and now their whole computer system is impacted. Welcome to this new normal facing all small businesses and individuals. My observation is that small businesses are very vulnerable because many do not have the staffing and policies in place to protect their technology that they use in their business every day. So I urge CEOs to be prepared for this emergency.


The Internal Revenue Service and Security Summit partners warned the public last week of a surge of fraudulent emails impersonating the IRS and using tax transcripts as bait to entice users to open documents containing malware.

The scam is especially problematic for businesses whose employees might open the malware because this malware can spread throughout the network and potentially take months to successfully remove. I pass along some details from this partnership warning.

They report that this well-known malware, known as Emotet, generally poses as specific banks and financial institutions in its effort to trick people into opening infected documents. The Summit partnership of the IRS, state tax agencies and the nation’s tax industry remind taxpayers to watch out for this scam.

However, in the past few weeks, the scam masqueraded as the IRS, pretending to be from “IRS Online.” The scam email carries an attachment labeled “Tax Account Transcript” or something similar, and the subject line uses some variation of the phrase “tax transcript.”

These clues can change with each version of the malware. Scores of these malicious Emotet emails were forwarded to phishing@irs.gov recently.

The IRS reminds taxpayers and small businesses that it does not send unsolicited emails to the public, nor would it email a sensitive document such as a tax transcript, which is a summary of a tax return. The IRS urges taxpayers not to open the email or the attachment. If using a personal computer, delete or forward the scam email to phishing@irs.gov. If you see these using an employer’s computer, notify the company’s technology professionals.

The United States Computer Emergency Readiness Team issued a warning in July about earlier versions of the Emotet. This group has labeled the Emotet Malware “among the most costly and destructive malware affecting state, local, tribal, and territorial governments, and the private and public sectors.”