Over 200 unique URLs have been identified in a series of emails that urge users to verify their accounts after some discrepancies were identified by the sender company.
The phony emails, apparently coming from a legitimate company, read:
With intent to assure that the exact information is being sustained on our systems, as well as to improve the quality of service we can provide to you; [COMPANY NAME] has participated in the Internal Revenue Service [IRS] Name and TIN Matching Program.
We have found out, that your name and/or TIN, that we have on your account is different from the information on file with the Social Security Administration.
In order to verify your account, please enter the secure section.
This file serves the Blackhole toolkit, which probes the victim’s computer for various vulnerabilities; the final payload has been identified as Trojan.Zbot.
Users are advised not to click on links that come with suspicious-looking emails, and also to avoid opening attachments, especially exe, zip, or pdf files.
Security solutions are highly important since in most cases they can protect a machine against pieces of malware and other malicious attacks.
If by mistake you’ve already clicked on the link in such an email, be sure to run a full system scan using a reliable, updated security application.