Intuit spam loads malware

As we are getting into tax season, online criminals are pumping in loads of Intuit spam. Intuit is famous for its TurboTax software.

The phishing email lures you into downloading an invoice:

The link opens an obfuscated page that references an iframe:

One of those is

It loads an Adobe Reader/Acrobat exploit (CVE-2010-0188) and the Microsoft Help Center vulnerability (CVE-2010-1885).

Full Wepawet report here.

As always, several thousand innocent websites have been infected to link to this exploit. (google “intu.html” in the URL)

Jerome Segura

Leave a Reply

Your email address will not be published. Required fields are marked *