Bogus Intuit E-mail Leading towards Malicious Load

Several spam e-mails claiming to be coming from Intuit, the company that manufactures QuickBooks book-keeping software, are spreading across the US, according to security firm SophosLabs. The message informs the receivers that Intuit wants to confirm their particulars including name and tax identification number (TIN) as the information stored by it is dissimilar to the data provided by the Internal Revenue Service (IRS).

The e-mail is sent from the address update@intuit.com or security@intuit.com, and contains subject lines like "verify your tax information ASAP," or "Tax information needed within 30 Days", as published in infosecurity on February 7, 2012. The message affirms the fact that Intuit maintains truthful information on its systems. It has participated in the IRS Name and TIN matching program, but due to some reasons, the information specified in its account is not the same as provided by the IRS. The message also includes the link to "check and verify" data.

People who had clicked on such a link were moved to an internet page which included JavaScript representative of websites grimy with Blackhole exploit kit. Chester Wisniewski of SophosLabs says that this attempt could bring in a malevolent load, including fake anti-virus or scareware. Suspecting that this might be worse than a phishing attack, Intuit has advised its customers to avoid such mails.

Conspicuously, the BlackHole exploit kit is a dominant piece of malicious software introduced by the same group as the Zeus financial trojan. Priced at US$ 1,500 for 12 months, it initially appeared in the Q3, 2010. But, later on during May 2011, the malware was started to be offered free-of-charge.

Internet users have been recommended to avoid interacting with such distrustful electronic messages. It helps to make sure that the host is free from susceptibilities as it is usually exploited by cyber malicious software exploitation kits.

The IRS further conceded that personal information from the customers is never requested through personal e-mails. Moreover, such messages are always better to be ignored and deleted. Nevertheless, it is of utmost importance for customers to vide with any legal notice from the IRS that intimates about the existence of more than one tax return being filed in the name of an individual for there could be someone else stealing the user's good name.

» SPAMfighter News - 15-02-2012

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial