Spamvertised 'Tax information needed urgently' emails lead to malware

Summary:Security researchers from AppRiver, have intercepted a currently spamvertised malware campaign, enticing end users into clicking on malicious links.

Security researchers from AppRiver, have intercepted a currently spamvertised malware campaign, enticing end users into clicking on malicious links.

Impersonating INTUIT Inc., the maker of the popular tax software TurboFax, cybercriminals are spamvertising links are attempting to trick end users into thinking that "it appears that your name and/or Taxpayer Identification Number, that is stated on your account is different from the data obtained from the Social Security Administration", and that by clicking on link found in the malicious email, they will get the opportunity to check the data on their account.

Upon clicking on  the link, a trojan horse is dropped on the targeted PC using a malicious Javascript.

Users are advised to avoid interacting with suspicious emails, and to ensure that their hosts are free from vulnerabilities most commonly exploited by web malware exploitation kits.

Topics: Security, Collaboration, Malware

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.