Have you filed your taxes yet? Well, you have a very short window to do it. Now that Tax Day is here, cybersecurity experts are warning Windows users of a sophisticated phishing campaign designed to exploit the urgency of tax season. As if tax time isn’t stressful enough, these bad actors are out to make it worse. Attackers are distributing emails that appear to be from the IRS, with attachments labeled “urgent reminder” which include “helpful” malicious QR codes.

When scanned, these QR codes direct users through fake bot protection and CAPTCHA checks before prompting them to enter their Microsoft login credentials, which is the ultimate prize in this attack. Security researchers from Malwarebytes warn that these fake login pages often have pre-filled email addresses, making it easier for unsuspecting victims to fall into the trap. Once credentials are entered, they are sent to servers controlled by cybercriminals, potentially leading to unauthorized access to personal and financial information.

To protect yourself from such attacks, it’s crucial to remember that the IRS does not initiate contact with taxpayers via email, text messages, or social media to request personal or financial information. If you receive an unsolicited email claiming to be from the IRS, do not click on any links or download attachments. Instead, visit the official IRS website (which ends in .gov) directly to verify any correspondence.  You could also use a phone number off of the official IRS page to give them a call.

Additionally, be cautious of emails with urgent subject lines and unexpected attachments, no matter what time of year it happens to be, and consider using multi-factor authentication to add an extra layer of security to your accounts.

Researchers are also warning that once the tax filing deadline passes, attacks like this won’t go away. The subject line may change to something relating to an audit of your taxes or that there is a mistake on your filing, but they are still phishing attempts. So be on the lookout for those well after April 15…of any year.

Staying vigilant and informed is key to protecting yourself during this tax season and beyond.