
M86 Spots Scam EFTPS E-mails

Security researchers at M86, the security company, warn Web users that a fresh surge of bogus e-mail, purporting to be from EFTPS (Electronic Federal Tax Payment System), is currently hitting inboxes.

Reportedly, the e-mail tells the recipient that his Federal Tax Payment ID: #### has not been accepted. It adds that the identification number used in the Company Identification Field is not valid, citing Return Reason Code R21. The recipient, the e-mail states, therefore needs to check the information and refer to Code R21 to obtain the details of his agency payment at hhtp://eftps.gov/R21, section: transaction contacts. Alternatively, he should consult his accountant or advisor.

The e-mail goes on to remind the recipient that he has to pay his tax irrespective of whether EFTPS is available online. If an emergency arises, he can always call EFTPS to make the payment, the message concludes.

The researchers at M86 observe that the e-mail is clearly aimed at businesses, which will be required to use EFTPS as the standard way to pay tax beginning January 2011.

They explain that the link inside the fake e-mail, which appears to point to eftps.gov, in reality leads users to a website hosted on a compromised Web server. That site, moreover, contains obfuscated JavaScript.

The net effect of this script is simply that one new line of JavaScript is added to the existing page: location.replace("http://[removed]autocom.ru/trafflit.php"). This instructs the affected browser to load a new URL, which apparently harbors an SEO exploit toolkit that carries the JavaScript.

M86 notes that the scammers use the exploit kit to attack 1 security flaw in Adobe Reader and 4 in Java.

Ultimately, the scam e-mails attempt to load the infamous Zeus Trojan and compromise the victims' PCs.

Finally, it is because of targeted attacks of this kind that the security researchers conclude that Zeus, with its sophisticated technique, poses considerable risk to organizations and businesses. During September 2010, law enforcement in Ukraine, the UK and the USA busted a cyber-criminal ring that used Zeus to steal over $70m from businesses.


» SPAMfighter News - 12/18/2010
