Malware-laden email from Intuit Financial Services has been reported, but how did this happen? The following was submitted to DataBreaches.net by a reader:
From: Intuit Financial Services
Sent: Thursday, June 14, 2012 11:29 PM
To: IFS Clients
Subject: Innovation Conference email issue – June 14Earlier today you received an email from Intuit_Innovation_Conference@mail.vresp.com with the subject line “Now’s your chance: Reserve your spot at this year’s must-attend event.”
The email, sent by Intuit Financial Services using a third-party vendor, included embedded html code that contained malicious content. Some recipients may have received virus warnings upon receipt of the email.
The malicious content in the email was NOT hosted on any Intuit-owned system, it does not affect your Intuit products or services and your end users are not affected.
RECOMMENDED ACTIONS
1. If you have not opened the email, please delete it from your inbox.
2. If you received a virus alert upon receipt of the email, please delete the email.
3. If you opened the email, we recommend you run your anti-virus software as a precaution.
You may also want to notify your security team and/or your email administrators.
Today’s Innovation Conference email is the only email affected by the malicious content. Other emails from Intuit are not affected. Again, the malicious content does not affect your products and services hosted by Intuit, and your end users are not affected.
[…]
There is no security alert on Intuit’s web page at this time. Nor do I see anything on VerticalResponse’s site.
The recipient noted that the e-mail “came from a valid sender for the domain complete with SPF and DomainKeys validation.” So this sounds somewhat serious. Intuit Financial Services’ web site says they have 1,800 financial institutions as clients and they manage online banking platforms.
Perhaps one of the two firms would be kind enough to explain what happened and how it happened?