Hoax AICPA E-mails Circulating Online
Internauts are being urged for remaining vigilant of a hoax electronic mail, which poses as a message from AICPA, abbreviation of American Institute of Certified Public Accountants.
It maybe noted that AICPA, located in USA, is one specialized organization comprising Certified Public Accountants, and running on a non-profit basis.
The fraudulent electronic mail addressing accountant officer tells the recipient that AICPA has got information that he (recipient) has allegedly helped towards breaching income tax re-imbursement rules in the case of one amongst his many employers. Therefore, the AICPA Bylaw Sec. 765 makes the status of his Certified Public Accountant liable for cancellation if there's assistance in submitting any fake or misguided returns filing at the time of representing the client.
The e-mail then requests the recipient to read the details of a given notification followed with answering in seven days, failing which his Accountant license will be terminated.
But, following the notification web-link results in a page included in a WordPress website, which has been hijacked and advertising winches. Subsequently, a malevolent HTML file harbored on that website takes advantage of the CVE-2010-1885 vulnerability by exploiting it for installing a Trojan virus on the victim's PC.
Hoping that some recipients, if not all, will be Certified Public Accountants, as also of those at least a few will become frightened and click the web-link devoid of necessary caution, the scammers look forward to their ploy's success. They also hope that even some recipients that aren't CPAs will follow the web-link just feeling inquisitive.
However, the AICPA, on knowing about the scam e-mail, spread awareness via posting on its authorized Internet site that it didn't send the message.
Explicitly it said that anyone getting the e-mail must erase the message immediately. The organization had informed law-enforcement officials regarding the event even as it kept on watching the situation. Incase anyone clicked the web-link it was advisable that he scan his computer with an anti-virus, while even otherwise it was wise for ensuring one's anti-virus was updated. Finally, end-users must proactively adopt measures towards safeguarding themselves from online or e-mail scam, aicpa.org posted on July 19, 2012.
Related article: High-Profile Flaws in September Unrelated to Virus Rate
» SPAMfighter News - 28-07-2012