All y'all know phishing season is year round, and financial/business themed phishes are always popular. Tax season makes them even more popular (if that's possible) and more likely to be effective.

Here at RC we've seen #GuLoader dropping #Remcos using tax-themed phishing emails, so we put out a mid-month insight on it & included some spiffy guidance on how to protect against malicious script execution for any threat, not just GuLoader

https://redcanary.com/blog/tax-season-phishing/

Proofpoint had a nice birdsite thread on this last week as well, here's a link to their observations

https://twitter.com/threatinsight/status/1629150189310058497?s=20