Users worldwide might be the targets of similar campaigns

Aug 30, 2012 12:07 GMT  ·  By

Attention users in the Netherlands! Cybercriminals want to serve you the new Java exploit via an email that reads “Let op! BTW tariefverhoging per 1 oktober 2012” (Attention! VAT rate increase per 1 October 2012).

The emails – apparently originating from BDO Accountants & Adviseurs – inform recipients that the rate of the value added tax (VAT) will increase starting with October 1, 2012, from 19% to 21%.

“The moment of conduct performance (either date of sale / supply of goods or services) determines the amount of the VAT rate. The invoice date on the sales receipt is not!” reads a translation of the email.

After further explanations, the user is instructed to check out a website allegedly prepared by the Ministry of Finance.

However, as Sophos experts highlight, the link doesn’t point to an official government site, but to an obfuscated script that loads a malicious applet, detected by Sophos as Exp/20124681-A. This applet carries the code that leverages the now-infamous Java zero-day vulnerability.
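The lure described above works because the visible text of the link promises a government site while the actual `href` points somewhere else. The following added example (written for this page, not code from Sophos or from the article) shows how a mail filter can flag that pattern: it parses the anchors out of an HTML message, compares the host shown to the reader with the host the link really targets, and additionally flags raw IP addresses, hosts outside an allowlist, and links that fetch Java archives directly. The message body, the `minfin.example` allowlist entry and the IP address are all constructed placeholders, not values from the campaign.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample resembling the lure: visible text claims a ministry site,
# the real target is a bare IP address (documentation range, not a real host).
SAMPLE_EMAIL_HTML = """
<p>Kijk op de website van het Ministerie van Financi&euml;n:</p>
<a href="http://203.0.113.45/btw/index.php">http://www.minfin.example/btw-verhoging</a>
<p>Vragen? <a href="http://www.minfin.example/contact">Contact</a></p>
"""

# Assumed allowlist of domains a genuine notice may link to (placeholder).
TRUSTED_SUFFIXES = ("minfin.example",)


class AnchorCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.anchors = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, "".join(self._text).strip()))
            self._href = None


def hostname_of(url):
    """Lower-cased hostname of a URL; scheme-less input is treated as http."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def visible_hostname(text):
    """Hostname the reader sees, if the link text itself looks like a URL."""
    if " " in text or "." not in text:
        return ""
    return hostname_of(text)


def is_trusted(host, trusted_suffixes):
    return any(host == s or host.endswith("." + s) for s in trusted_suffixes)


def is_raw_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def link_findings(html, trusted_suffixes):
    """Return a list of suspicious anchors, each with the reasons it was flagged."""
    collector = AnchorCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.anchors:
        target = hostname_of(href)
        shown = visible_hostname(text)
        reasons = []
        if shown and shown != target:
            reasons.append("display/target mismatch")
        if is_raw_ip(target):
            reasons.append("raw IP address")
        if target and not is_trusted(target, trusted_suffixes):
            reasons.append("untrusted host")
        if urlparse(href).path.lower().endswith((".jar", ".class")):
            reasons.append("java archive")
        if reasons:
            findings.append({"href": href, "text": text, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in link_findings(SAMPLE_EMAIL_HTML, TRUSTED_SUFFIXES):
        print(f["href"], "shown as", repr(f["text"]), "->", ", ".join(f["reasons"]))
```

In a real gateway the allowlist would hold the sender's legitimate domains and the findings would feed a quarantine or tagging decision; the display/target mismatch alone is a strong signal independent of which exploit sits behind the link.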

While this particular email targets only Dutch users, chances are that we’ll see similar campaigns aimed at Internet users worldwide.

Be advised that the malicious code doesn’t necessarily have to come in such emails. It can be anything from fake Facebook notifications to messages telling you that you’ve won a prize.

If you haven’t already disabled the Java plug-in in your web browser, now would be the perfect time to do so.

In the meantime, Mozilla has blocked the component in Firefox to ensure that its customers are protected. This is probably the safest move considering that there’s no patch in sight.

Even worse is the fact that, apparently, Oracle has been aware of the vulnerabilities since April 2012, when experts from Security Explorations reported the bugs.