

Rewterz Informative Update – Best Practices for Internet Safety
August 9, 2019
Rewterz Threat Advisory – Windows 10: Privilege Escalation Vulnerabilities Found in Over 40 Drivers
August 13, 2019
Rewterz Informative Update – Best Practices for Internet Safety
August 9, 2019
Rewterz Threat Advisory – Windows 10: Privilege Escalation Vulnerabilities Found in Over 40 Drivers
August 13, 2019Severity
High
Analysis Summary
A new phishing campaign targeting financial sector in Pakistan impersonating as FBR tax refund asking for credentials. This comes up as a critical moment when Pakistan Government is acting upon to document the taxation procedure and giving customers a chance to file the tax and set a precedent to encourage local people to ensure smooth procedure of taxation process.
The phishing page in this local campaign is luring customers to get a refund on their tax returns which later on targets the customers for their credentials.

Impact
- Credential theft
- Financial loss
Indicators of Compromise
Email Address
refund@fbr.gov.pk
Email Subject
FBR: Your 2019 Tax Refund Notice
Remediation
- Always be suspicious about emails sent by unknown senders.
- Never click on the link/ attachments sent by unknowns users.