Beware of “Important – Payment Overdue” notifications

Sep 13, 2013 18:16 GMT

Bogus QuickBooks invoices sent via email by cybercriminals are being used to spread a piece of malware, security experts warn.

The QuickBooks accounting software developed by Intuit is often leveraged in spam runs. Conrad Longmore of Dynamoo’s Blog has come across another such campaign.

The fake Intuit emails appear to come from “QuickBooks Invoice” and they’re entitled “Important – Payment Overdue.”

“Please find attached your invoices for the past months. Remit the payment by 09/16/2013 as outlines under our ‘Payment Terms’ agreement. Thank you for your business,” read the emails signed by one Quentin Sprague.

The file that’s attached to the notification, Invoice_20130912.zip, contains an executable which hides a new variant of the notorious ZeuS Trojan, a piece of malware designed to steal sensitive information from infected computers.

Once it infects a system, the Trojan communicates with a domain hosted on a hacked server. The same server has been used recently in a USPS spam campaign.