Weekly Threat Briefing: IRS Alerts Taxpayers to New Email Scam

The intelligence in this week’s iteration discuss the following threats: Adware, Data theft, Impersonation Phishing, Ransomware, Targeted attacks, and Vulnerabilities. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.

Observed Threats

This section includes the top threats observed from the Anomali Community user base as well as sensors deployed by Anomali Labs. A ThreatStream account is required to view this section. Click here to request a trial.


The term, “MageCart,” first emerged in 2015, according to RiskIQ and Flashpoint researchers. The umbrella term, MageCart, refers to groups that target online commercial websites and injects payment skimming scripts to illicitly obtain credit card credentials. The group is suspected to be several groups under the umbrella of MageCart, the name given to keep track of these financially-motivated groups and their malicious activity. RiskIQ and Flashpoint suggest that there are approximately six to seven groups with each group acting slightly different in their targeting, skimmer functionality, and infrastructure.

Subscribe to the Anomali Newsletter

Get the latest Anomali updates and cybersecurity news straight to your inbox each month.

Subscribe Now