Security teams warn of a large-scale phishing campaign impersonating IRS tax refund notifications that has targeted more than 2 million inboxes this week.
The emails use convincing gov-style branding and direct victims to credential-harvesting sites that also attempt to install information-stealing malware.
