The arrival of this spam coincides with this year's tax season, predictably sent at this specific time in order to take advantage of taxpayers getting their finances in order. Purporting itself to be from financial and tax preparation software company Intuit, Inc, the spammed message informs users that the company has participated in the Internal Revenue Service Name and TIN Matching ProgramIt then notifies users that their account information does not supposedly match the data provided by the United States Social Security Administration(SSA). As such, users are obliged to provide their personal information by clicking on a URL that points to a fake Intuitwebsite and entering it there. In other instances, clicking on the link in the spammed message leads users to a site similar to the one below:
Spammers behind this even used the From field to trick users into believing that this came from the legitimate Intuit, Inc. Users who may fall victim to this particular ploy could find themselves supplying cybercriminals with their own credentials, which in turn may lead to identity theft or other malicious criminal activities.
Should users receive messages of a similarly suspicious nature, Trend Micro strongly recommends to delete such messages immediately. Best to check the official Internal Revenue Service website to check for such programs and avail of them there. Users are also advised to be vigilant, most especially during tax season and other noteworthy occasions. Social engineering based on events and seasons are just one of the tools that cybercriminals use in their crimes.