Spamvertised ‘Termination of your CPA license’ campaign serving client-side exploits

by

Share this news now.

Cybercriminals are currently spamvertising ‘Termination of your CPA license‘ emails, enticing users into clicking on a malicious link supposedly redirecting to the complaint.pdf file.

More details:

The malicious attackers are also spamvertising a second variation of the campaign, this time using ‘Your accountant license can be revoked.” as a subject of the campaign.

Sample subjects: Termination of your CPA license; Your accountant license can be revoked; Your accountant CPA license termination; Income tax return fraud accusations

Sample message: Cancellation of Public Account Status due to income tax fraud allegations. Dear accountant officer,We have received a notice of your alleged assistance in income tax return infringement for one of your clients. According to AICPA Bylaw Subsection 700 your Certified Public Accountant license can be withdrawn in case of the occurrence of submitting of a misguided or fraudulent tax return on the member’s or a client’s behalf.Please be notified below and respond to it within 14 days. The failure to provide the clarifications within this time-frame will result in withdrawal of your Accountant license.

Once users click on the link, they are redirected to a compromised URL where the malicious attackers are attempting to serve client-side exploits to the unsuspecting victims.

End and corporate users are advised to avoid interacting with the emails, report them as spam/malicious, and ensure that they’re browsing the Web while using antimalware protection, and browser plugins.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.


Share this news now.
Spamvertised 'Termination of your CPA license' campaign serving client-side exploits by

Trackbacks

  1. [...] Email ‘Termination of your CPA license’ campaign serving client-side exploits [...]

  2. [...] Spamvertised ‘Termination of your CPA license’ campaign serving client-side exploits [...]

  3. [...] Public Accountants (CPAs) are a common target for cybercriminals. Throughout 2012, we intercepted several campaigns directly targeting CPAs in an attempt to trick them into [...]