New Social Security Scam Emails Use Fake Tax Documents to Hijack PCs

New Social Security Scam Alert 🚨

A new scam is currently targeting thousands of people across the United States, using the name of the Social Security Administration to trick unsuspecting users. This campaign, identified by the security firm LifeLock, arrives just in time for the busy tax season.

As per LifeLock’s tweet, the scam works by sending emails that look like official government notifications. These messages use urgent language such as “Important Disclosures” or “Important Regulatory Information” to grab a person’s attention. Scammers rely on this sense of urgency to make people act without thinking. In this case, the same thing happens. While the sender’s name might say Social Security Administration, investigations revealed that the emails do not actually come from a legitimate government domain ending in .gov.

The emails typically include a link or a file that looks like a standard PDF statement, possibly named “Social_security_statements_2025.pdf.” However, researchers noted that this is not a normal document, and the file uses a tool called Datto RMM. Normally, RMM (Remote Monitoring and Management) is a helpful tool used by IT experts to fix computers from a distance. But here, it has been turned into a weapon. If a user clicks the link to view the document, it can install a RAT (Remote Access Trojan). This allows attackers to take full control of a person’s device, enabling them to watch what the user is doing and steal private data.

The fake emails often tell the reader that a new document is ready for review and will only be available for a short time. This is a major red flag, as the goal is to make you click a button labelled “VIEW DOCUMENT” as quickly as possible. To stay safe, experts suggest always checking the sender’s email address and avoiding any links that ask you to download software just to view a simple statement.

To read the complete article see: Read full article