WEBINAR - Expert Panel: Choosing the Right RIA Compliance Partner in 2025
on August 20th 2025, 10am PT / 1pm ET - Save your Spot
< BACK TO BLOG

W-9 forms as bait

March 30, 2023

Be on the lookout for attachments claiming to be W-9s.  The attachment contains a malicious Microsoft OneNote document which will try to install Emotet malware.

Once Emotet is installed, the malware will steal emails to use in future reply-chain attacks, send further spam emails, and ultimately install other malware that provides initial access to other threats.

Takeaways

  • It's the height of tax season, which also means it's the height of tax-related phishing.
  • Tax forms are not typically distributed via OneNote.
  • Call and verify any attachments or links before opening.

Sources: Bleeping Computer, Malwarebytes  and Unit42

Need Help Now?
sales@surgeone.ai
+1 650-294-8889
How it WorksOur ProcessPricing Options
What Our Clients SayWho We ServeCyber Bites
About usPrivacy policyContact Us
© Security Snapshot.
Privacy Policy | Master Services Agreement