Malware comes with this fake spammed email spoofing an official notification from TurboTax, a popular tax management software made by US-based financial and tax software company Intuit. At first glance the e-mail looks like a legitimate notification, notifying that the user's personal tax return has been rejected and that they should open the attached archive for more details. Upon further investigation, it is discovered that the header is indeed fake, and the attached file archive malicious. This spam was discovered with the US tax season nearing, which supports the assumption that the cybercriminals responsible have been looking into taking advantage of users who are filing their tax reports early.
Users should tread carefully whenever they receive similar emails, and not open attachments without first verifying the legitimacy of the received email itself.
This spam and the malware attached is blocked by the Trend Micro Smart Protection Network.
SPAM BLOCKING DATE / TIME: February 15, 2013 GMT-8