Sunbelt: With the U.S. currently in tax season, online criminals have, once again, sought to take advantage of this. Robert Stetson, one of Sunbelt’s malware researchers, spotted a phishing email posing as Intuit Inc., a company that “develops financial and tax preparation software”. They developed Quicken and TurboTax. Below is a screenshot of the said email:
Email details are as follows:
Subject: Please verify your tax information ASAP.
With a view to agree that exact data is being kept up on our systems, as well as to be able to give you better quality of service; INTUIT INC. has taken part in the Internal Revenue Service [IRS] Name and TIN Matching Program.
We have found out, that your name and/or TIN, that is specified on your account does not correspond to the data on file with the Social Security Administration.
In order to verify the information of your account, please enter the secure section.
2632 Marine Way
Mountain View, CA 94043
Clicking the link leads readers to download a Blackhole exploit.
Our friends at Sophos found a variant of this phishing email.
This is not the first time that online criminals have taken advantage of the U.S. tax season. In light of phishers banking on brands as a part of their social engineering ploy, legitimate companies such as Intuit Inc. does not normally send out emails of this nature. In fact, Intuit Inc. have made it a point to make clear to their clients what they will do and what they will not do in the context of sending out emails. Intuit clients are wise to take note of this point under the “What we’ll do” section: If we need you to update your account information, we will request that you do so by logging into your account.
It is important that you, dear Reader, are familiar with how your service providers conduct their services and how they respond to online threats that target them. Equally, these providers must be responsible in informing you of the latest threats affecting you and their brand and provide ways on how you can protect yourselves from such threats.