top of page

Cyber Bites

W-9 forms as bait

Be on the lookout for attachments claiming to be W-9s. The attachment contains a malicious Microsoft OneNote document which will try to install Emotet malware.

Once Emotet is installed, the malware will steal emails to use in future reply-chain attacks, send further spam emails, and ultimately install other malware that provides initial access to other threats.


  • It’s the height of tax season, which also means it’s the height of tax-related phishing.

  • Tax forms are not typically distributed via OneNote.

  • Call and verify any attachments or links before opening.

Sources: Bleeping Computer, Malwarebytes and Unit42

Would you like a free, no-obligation Cybersecurity Benchmarking of your organization showing where you stand vs. industry-accepted practices? Click here to schedule a time with one of our associates.


bottom of page