Easter Holiday Phishing Scams and Malware Campaigns

Original release date: March 30, 2018

As the Easter holiday approaches, NCCIC/US-CERT reminds users to be aware of potential holiday scams and cyber campaigns, which may includeemails and ecards from unknown senders that may contain malicious li…

Original release date: March 30, 2018

As the Easter holiday approaches, NCCIC/US-CERT reminds users to be aware of potential holiday scams and cyber campaigns, which may include

  • emails and ecards from unknown senders that may contain malicious links,
  • fake advertisements or shipping notifications with attachments infected with malware, and
  • spoofed email messages and phony posts on social networking sites requesting support for fraudulent causes.

NCCIC encourages users and administrators to be cautious of unsolicited messages and to review NCCIC Tips on Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Attacks.


This product is provided subject to this Notification and this Privacy & Use policy.


Tax Guidance as Deadline Approaches

Original release date: March 30, 2018

As this year’s April 17 tax deadline approaches, NCCIC/US-CERT offers taxpayers guidance to help protect their personal, financial, and tax information. Hackers can take advantage of taxpayers by using socia…

Original release date: March 30, 2018

As this year's April 17 tax deadline approaches, NCCIC/US-CERT offers taxpayers guidance to help protect their personal, financial, and tax information. Hackers can take advantage of taxpayers by using social engineering scams to attempt to steal personally identifiable information. NCCIC encourages taxpayers to review the following resources and recommendations:

  • Avoid tax scams. Look for the telltale signs of tax scams:
    • emails that appear to come from your tax professional, requesting information for an IRS form
    • emails containing links to a supposed IRS website
    • bogus questionnaires claiming to be from the IRS or law enforcement agencies
    • calls where scammers leave urgent callback requests
  • Safeguard personal data.
  • Use strong passwords.
  • Keep software updated.

If you believe you have been a victim of an IRS-related phishing attempt, visit the IRS’s page at https://www.irs.gov/privacy-disclosure/report-phishing to report suspicious IRS-related communications.


This product is provided subject to this Notification and this Privacy & Use policy.


Microsoft Release Patch for Windows 7 and Windows Server 2008 R2 Systems

Original release date: March 29, 2018

Microsoft has released security updates to address a vulnerability in Windows 7 x64 and Windows Server 2008 R2 x64 systems. Exploitation of this vulnerability may allow an attacker to take control of an affe…

Original release date: March 29, 2018

Microsoft has released security updates to address a vulnerability in Windows 7 x64 and Windows Server 2008 R2 x64 systems. Exploitation of this vulnerability may allow an attacker to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review Vulnerability Note VU#277400 and Microsoft’s Advisory for more information and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Apple Releases Multiple Security Updates

Original release date: March 29, 2018

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC/US-CERT encourages use…

Original release date: March 29, 2018

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review Apple security pages for the following products and apply the necessary updates:


This product is provided subject to this Notification and this Privacy & Use policy.