Amid the ongoing tax season, taxpayers were advised to look out for a new tax-related spam email that may lead to exploit kits and malware.
Computer security firm Sophos said it had detected a large number of emails purporting to be from Intuit, the company behind the QuickBooks bookkeeping software.
"(Our) anti-spam products have been detecting and blocking these messages for quite some time, but the messages are so convincing that our own customers have been reporting the blocks to us as false-positives!" Sophos said in a blog post.
It said a typical spam message claims to see a problem with the recipient's tax information.
The spam email claims the recipient's name and/or Taxpayer Identification Number is different from the information obtained from the Internal Revenue Service.
Sophos noted Intuit itself had posted a warning on its security center advising customers that this may be a phishing attack.
Depending on which browser and plugins a prospective victim is running, the Blackhole exploit kit can exploit the vulnerable ones and deliver a malicious payload.
In many times, it delivers fake anti-virus (scareware), Sophos said. — TJD, GMA News