Microsoft Threat Intelligence observed a significant increase in tax-themed phishing and malware campaigns targeting individuals and accounting professionals. These campaigns utilize sophisticated social engineering, Phishing-as-a-Service (PhaaS) platforms for credential theft, and abused legitimate Remote Monitoring and Management (RMM) tools to establish persistent remote access.