Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Bogus Intuit E-mail Leading towards Malicious Load

Several spam e-mails claiming to be coming from Intuit, the company that manufactures QuickBooks book-keeping software, are spreading across the US, according to security firm SophosLabs. The message informs the receivers that Intuit wants to confirm their particulars including name and tax identification number (TIN) as the information stored by it is dissimilar to the data provided by the Internal Revenue Service (IRS).

The e-mail is sent from the address update@intuit.com or security@intuit.com, and contains subject lines like "verify your tax information ASAP," or "Tax information needed within 30 Days", as published in infosecurity on February 7, 2012. The message affirms the fact that Intuit maintains truthful information on its systems. It has participated in the IRS Name and TIN matching program, but due to some reasons, the information specified in its account is not the same as provided by the IRS. The message also includes the link to "check and verify" data.

People who had clicked on such a link were moved to an internet page which included JavaScript representative of websites grimy with Blackhole exploit kit. Chester Wisniewski of SophosLabs says that this attempt could bring in a malevolent load, including fake anti-virus or scareware. Suspecting that this might be worse than a phishing attack, Intuit has advised its customers to avoid such mails.

Conspicuously, the BlackHole exploit kit is a dominant piece of malicious software introduced by the same group as the Zeus financial trojan. Priced at US$ 1,500 for 12 months, it initially appeared in the Q3, 2010. But, later on during May 2011, the malware was started to be offered free-of-charge.

Internet users have been recommended to avoid interacting with such distrustful electronic messages. It helps to make sure that the host is free from susceptibilities as it is usually exploited by cyber malicious software exploitation kits.

The IRS further conceded that personal information from the customers is never requested through personal e-mails. Moreover, such messages are always better to be ignored and deleted. Nevertheless, it is of utmost importance for customers to vide with any legal notice from the IRS that intimates about the existence of more than one tax return being filed in the name of an individual for there could be someone else stealing the user's good name.

Related article: Bugs Swell In Browsers in 2006

» SPAMfighter News - 15-02-2012

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next