CyberCriminals have taken advantage of the new critical java vulnerability ,sending out malicious emails which pretend to come from an accountancy firm announcing a rise in the tax rate.
Sophos researchers intercepted emails titled “Let op! BTW tariefverhoging per 1 oktober 2012” (Google Translate: Attention! VAT rate increase per 1 October 2012) which is purported to be from BDO Accountants & Adviseurs.
"As you may have already understood, the high rate of turnover tax by October 1, 2012 increased from 19% to 21%." The spam mail reads(translated).
"The moment of conduct performance (either date of sale / supply of goods or services) determines the amount of the VAT rate. The invoice date on the sales receipt is not (!) Important for the handle VAT rate (or for the period of turnover tax)."
Users are asked to visit a link for further details. Clicking the link will executes the obfuscated script that attempts to load an applet which exploits the java zero-day vulnerability(CVE-2012-4681).
"Although this particular attack uses Dutch language to try to trick users into following the link there is, of course, no reason why cybercriminals wouldn't also try similar tactics in other more commonly-used languages too. So, no-one should be complacent about the threat posed by this Java vulnerability." sophos researcher says.
Sophos researchers intercepted emails titled “Let op! BTW tariefverhoging per 1 oktober 2012” (Google Translate: Attention! VAT rate increase per 1 October 2012) which is purported to be from BDO Accountants & Adviseurs.
"As you may have already understood, the high rate of turnover tax by October 1, 2012 increased from 19% to 21%." The spam mail reads(translated).
"The moment of conduct performance (either date of sale / supply of goods or services) determines the amount of the VAT rate. The invoice date on the sales receipt is not (!) Important for the handle VAT rate (or for the period of turnover tax)."
Users are asked to visit a link for further details. Clicking the link will executes the obfuscated script that attempts to load an applet which exploits the java zero-day vulnerability(CVE-2012-4681).
"Although this particular attack uses Dutch language to try to trick users into following the link there is, of course, no reason why cybercriminals wouldn't also try similar tactics in other more commonly-used languages too. So, no-one should be complacent about the threat posed by this Java vulnerability." sophos researcher says.