Microsoft Finds Tax-Season Phishing Campaigns Targeting Professionals
Microsoft Threat Intelligence identified multiple tax-themed phishing campaigns in January–February 2026 that targeted US organizations and professionals with hundreds to several thousand emails. Attackers used PhaaS kits (Energy365, SneakyLog), personalized attachments and QR codes, and abused legitimate RMM tools like ScreenConnect and SimpleHelp to harvest credentials or deliver malware. Microsoft recommends user education, email security hardening, and monitoring for abused RMMs to mitigate these seasonal threats.
Scoring Rationale
Official Microsoft findings and actionable defenses increase impact; coverage is timely but largely limited to US tax-season campaigns.
Practice interview problems based on real data
1,500+ SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems
