Viruses/phishing alerts from Aweb bulletins | AccountingWEB

Viruses/phishing alerts from Aweb bulletins

Some of our members have kindly informed us that our tax newsletter last Monday triggered a MessageLabs alert along the lines of “WARNING. Someone tried to send you a potential virus or unauthorised code”.

Security is obviously paramount to AccountingWEB and we’ve looked into the issue over the weekend.

The alert relates to “Possible MalWare 'Exploit/Fraud-AccUpdate' which relates specifically to phishing emails rather than virus or similar threats.

If you are using MessageLabs these massages are coming from your own internal systems. According to MessageLabs, these are mails that are similar to phishing mails; however, they ask users to reply with their user name and password and are usually for Webmail accounts.

Some words or links in our email appear to have triggered these alerts, but you can be certain we have not sent you anything that contains a virus, phishing message or similar threat. While we’re looking into the suggestion that links to HMRC may well have stimulated this response we would like to take this opportunity to reassure all users.

Apologies to everyone who has experienced difficulties relating to this and we thank those who have alerted us to this issue.

daveforbes's picture

more to it than that

daveforbes | | Permalink

I think someone was actually sending out a phishing email pretending to be from

... unless you have an operation in Estonia.


robertlovell's picture issue

robertlovell | | Permalink

Hi Dave,

Thanks for your comment and for forwarding the phishing email.

I understand that this is in fact a separate issue on the site, which had similar issues last week. I've forwarded your email on to their editor Gail Perry who should be able to get back to you with some more information on this.



daveforbes's picture

No information needed

daveforbes | | Permalink


No need for further information. I was already sure the email did not really come from AWEB.

Unfortunately it is all too easy to send out a fake email spoofing the sender address. We have the domain and it is regualrly put in as the "sender" in phishing emails.