The Latest in IT Security

AICPA Spam / thai4me.com

21
Feb
2012

Another spam run allegedly from “The American Institute of Certified Public Accountants” (AICPA) leading to malware, this time with a malicious payload on the domain thai4me.com.

From: Guillermo Reed [email protected]
Date: 20 February 2012 11:18
Subject: Income tax return fraud accusations.

You’re receiving this notification as a Certified Public Accountant and a member of AICPA.
Having trouble reading this email? View it in your browser.

AICPA logo
Termination of CPA license due to income tax fraud allegations
Dear AICPA member,

We have received a complaint about your possible involvement in income tax return fraud  for one of your clients. According to AICPA Bylaw Paragraph 500 your Certified Public Accountant status can be terminated in case of the aiding of filing of a false or fraudulent tax return on the member’s or a client’s behalf.

Please be informed of the complaint below and respond to it within 14 days. The failure to provide the clarifications within this period will result in termination of your Accountant status.

Complaint.pdf

The American Institute of Certified Public Accountants.

Email: [email protected]
Tel. 888.777.7077
Fax. 800.362.5066

=================

Date:      Tue, 20 Feb 2012 12:42:12 +0200
From:      “Devon Staley”
Subject:      Fraudulent tax return assistance accusations.

You’re receiving this message as a Certified Public Accountant and a member of AICPA.
Having trouble reading this email? View it in your browser.

Termination of CPA license due to tax return fraud accusations

Valued AICPA member,

We have been notified of your alleged involvement in tax return fraud for one of your employees. According to AICPA Bylaw Subsection 765 your Certified Public Accountant license can be cancelled in case of the fact of submitting of a false or fraudulent income tax return for your client or employer.

Please find the complaint below below and provide your feedback to it within 21 days. The failure to provide the clarifications within this term will result in withdrawal of your Accountant license.

Complaint.doc

The American Institute of Certified Public Accountants.

Email: [email protected]
Tel. 888.777.7077
Fax. 800.362.5066

=================

Date:      Tue, 20 Feb 2012 11:38:30 +0100
From:      “Ervin Witherspoon”
Subject:      Termination of your accountant license.

You’re receiving this email as a Certified Public Accountant and a member of AICPA.
Having trouble reading this email? View it in your browser.

Termination of CPA license due to tax return fraud allegations

Dear AICPA member,

We have received a complaint about your recent assistance in income tax refund fraudulent activity on behalf of one of your employees. According to AICPA Bylaw Paragraph 765 your Certified Public Accountant license can be withdrawn in case of the event of submitting of a false or fraudulent income tax return on the member’s or a client’s behalf.

Please familiarize yourself with the notification below and provide your feedback to it within 7 days. The failure to provide the clarifications within this term will result in suspension of your Accountant license.

Complaint.doc

The American Institute of Certified Public Accountants.

Email: [email protected]
Tel. 888.777.7077
Fax. 800.362.5066

The link leads through a legitimate hacked site to thai4me.com/main.php?page=7d486a09d440e84a which attempts to download a Java exploit. The domain thai4me.com is hosted on 41.64.21.71 (Dynamic ADSL, Egypt), 115.249.190.46 (Reliance Communication, India). Those IPs also contain other malicious sites, blocking them is probably a good move.

  1. Bill February 21, 2012

    Can anyone tell me what Java exploit was the target of the attack? We are doing a post mortum on this event, and we want to see if we were affected.

Leave a reply


Categories

TUESDAY, DECEMBER 11, 2018
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks