“Attackers turned the tables on both their competitors and researchers investigating a recent Zeus attack, which targeted quarterly federal tax payers who file electronically, by feeding them a phony administrative panel with fake statistics.

The massive and relatively sophisticated spam campaign last month posed as email alerts to victims, notifying them that their electronic federal tax payments had failed and sending them to a link that both infects the victim with the Zeus Trojan and sends victims to the legitimate Treasury Department website, eftps.gov, for filing quarterly taxes.”

From Dark Reading