The Fake IRS E-Help Desk Virus Email Message
Subject: E-mail Receipt Confirmation - Ticket#SD5283437
The IRS e-help Desk has received your email on 04/02/14. A case has been opened in response to your question or issue.
Your case ID is : SD5283437
Details about this case has been attached.
If additional contact is necessary, please reference this case ID.
You will receive a reply within two business days.
Thank you for contacting the IRS e-help Desk.
Do not submit confidential information, such as Taxpayer Identification Number (TIN), EFIN, or ETIN in your e-mail correspondence.
NOTE: We are providing a written response to your question using the information you have provided us in your original message. Our written response is NOT to be considered either a revenue ruling or determination letter, which are prepared by the Department of Treasury Chief Counsel.
This email attachment “SD5283437.zip” is not a document, but a file that that contains the malicious file or virus “SD5283437.exe”. So, please do not attempt open it.
Do not open files ending with “.zip” or “.rar”, unless you are expecting these files from someone. Cybercriminals are compressing or adding their viruses to archive files such as Zip (“.zip”) or WinRAR( “.rar”) to make them undetectable or able to bypass your email provider’s virus scanners.
If you open this malicious file, your computer will get infected with a Trojan horse, which the cybercriminals behind this message will be able to use to access and take control of your computer remotely from anywhere around the world. They may spy on you, use your computer to commit cybercrimes, or steal your personal and financial information.
Now, if you have already opened the malicious file, please do a full scan of your computer with the antivirus software installed on it.
If you don’t have antivirus software installed on your computer, please click here for a list of free antivirus software. For a list of other virus email messages, please click here.
Also, click here for a list of email attachments you should never open, regardless of where they came from.
This malicious email message is similar to the following: