As we are getting into tax season, online criminals are pumping in loads of Intuit spam. Intuit is famous for its TurboTax software.
The phishing email lures you into downloading an invoice:
The link opens an obfuscated page that references an iframe:
One of those is perikanzas.com/main.php?
It loads an Adobe Reader/Acrobat exploit (CVE-2010-0188) and the Microsoft Help Center vulnerability (CVE-2010-1885).
Full Wepawet report here.
As always, several thousand innocent websites have been infected to link to this exploit. (google “intu.html” in the URL)