Intuit payroll free trial email launches malware attack

Filed Under: Malware, Spam

Intuit and malwareHave you received an unsolicited email from - what appears to be - Intuit Supplies Group? Be on your guard..

Malware is being spammed out to internet email users, posing as a message from the payroll software company Intuit.

The emails have the subject line "Your Intuit Online Payroll Free Trial", but attached to the messages is a ZIP file containing a malicious Trojan horse.

Malicious email claiming to come from Intuit. Click for larger version

The email looks convincing enough, and you can understand how some individuals and small businesses might feel tempted to learn more about the offer which they believe has been sent to them.

However, the attached ZIP file (which is 196,096 bytes in size) contains a malicious file called

Intuit Online Payroll Free Trial Detailed information.exe

which is designed to compromise the recipient's computer.

Of course, the emails are not really from Intuit - they are innocent casualties of the attack (their brand is being tarnished). Similarly, internet users who open the file attached to the malicious spam are at risk of falling victim to a malware infection.

Sophos is intercepting the messages as spam, and is adding detection of the Trojan horse file to its security products as Troj/Agent-TZG.

, ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.