IT Consulting and Tech Support Blog

Intuit spam leads to exploit kits / malware

Tax season is here for most of us which means many spammers will try to take advantage of the situation and lead you to tax-related malicious links.

Security companies have been seeing a large number of emails purporting to be from Intuit, the company that makes QuickBooks, Quicken and TurboTax software.

Most anti-virus products have been detecting and blocking these messages for quite some time, but the messages are so convincing that many users have been ignoring the warnings and reporting the blocks as false positives.

The spam reads:

Intuit have posted a warning to their security center advising customers that this may be a phishing attack, unfortunately it is a lot worse than that. People who decided to click on the link contained in the email are directed to a web page that contains JavaScript representative of the sites infected with the Blackhole exploit kit. Depending on which browser and plugins you may be running the Blackhole exploit kit can exploit the vulnerable ones and deliver a malicious payload, many times fake anti-virus (scareware).

Be careful and never trust ANY email that asks you to give out personal and/or financial information.

This entry was posted in Exploits, QuickBooks, Virus Outbreak Alerts, Vulnerabilities, Web Security and tagged , , , , , , , , . Bookmark the permalink. Follow any comments here with the RSS feed for this post. Both comments and trackbacks are currently closed.