Home | Blog | Taxpayers Targeted By GameOver Zeus Cyber Virus

Taxpayers Targeted By GameOver Zeus Cyber Virus

A highly sophisticated cyber ‘super virus’ is using emails purporting to be from HMRC and other tax and financial CERT-announcementinstitutions to infect computers and hack into bank accounts, before systematically draining funds.

Fake invoices or order confirmations from retailers – usually claiming a large sum has been charged to a credit card – have also been reported.

To date, more than 15,000 PCs in the UK are thought to have been affected with the GameOver Zeus virus, which is the brainchild of a criminal gang based in Russia and the Ukraine.

Two Weeks Protection Window

A US-led operation this week managed to take charge of servers used to control the malicious software, which has been stealing personal and financial data worldwide.

This operation, which was coordinated by international law enforcement agencies, has temporarily disabled the malware software, providing web users with an estimated two-week window to protect their machines from the virus.

Targeting Financial Data

Designed to seek out files which allow access to banking or financial data, the virus software installs itself on a computer when the victim clicks a link in an unsolicited/fake email or via a website. It then sends out more emails to lure further victims, spreading rapidly across the web.

The virus will then remain dormant until an opportunity to steal data – such as when you use online banking or make a payment online – when it transmits the information back to the criminal network, which can then empty your accounts.

As well as seeking to steal sensitive information the virus also uses malware called CryptoLocker, which encrypts all files on a victim’s computer and demands a ‘ransom’ of one Bitcoin (around £300), payable in a set time period, to release the file.

At present the virus only affects PCs, not MACs. If you do receive an email from HMRC, they generally recommend that you do not open any attachments and contact HMRC if you are unsure.

If your machine has already been infected, you will be contacted by your internet service providers. However, affected or not, it is important that you take steps to protect your financial and sensitive data.

For more information on cyber virus and phishing scams, read our recent blog post New IRS Warning on Phishing Schemes 

Here to Help

Here to Help

Contact one of our specialists

US Tax & Financial Services Ltd
3 Harbour Exchange Square
London E14 9GE
United Kingdom

T: +44 20 7357 8220

F: +44 20 7357 8225

Email Us

US Tax & Financial Services Sarl
Brandschenkestrasse 20
CH-8001 Zurich

T: +41 44 387 8070

F: +41 44 387 8079

Email Us

US Tax & Financial Services Sarl
Rue de Candolle 19
CH 1205

T: +41 22 700 2500

F: +41 22 700 2526

Email Us

Middle East, Asia and the Americas
US Tax & Financial Services GmbH
Löwenstrasse 28
PO Box 1367
CH-8021 Zurich

T: +41 44 387 8070

F: +41 44 387 8079

Email Us

US Tax & Financial Services Ltd / MAJATTORNEY
Norra Skeppsbron 5B
SE 803 10, GAVLE

T: +46 26 18 82 22

M: +46 70 61 88 016

Email Us

Read Services in :EnglishFrenchItalianGerman