QuickBooks owner Intuit recently warned users that they risk being targeted by an ongoing series of fake emails designed to trick customers into thinking their account has been suspended and allow cybercriminals to steal critical financial information.
Typically, QuickBooks customers will receive an email purporting to be from the vendor’s support team but actually from cybercriminals, notifying them that their accounts have been suspended following a failed business information review.
One example shared by parent company Intuit states: “We’re writing to let you know that after conducting a review of your business, we have been unable to verify some information on your account. For that reason, we have put a temporary hold on your account.”
While the screenshot of another scam email displayed above is relatively convincing in terms of its branding and avoids many of the spelling and grammatical errors that marked out such attacks in the past, warning lights should flash due to the fact that the correspondence comes from an outlook.com email address rather than a legitimate QuickBooks address.
As such, Intuit has issued the following guidance for users, stating that the company never:
- Sends an email with a supposed “software update” or “software download” attachment
- Sends an email asking the recipient to send sign-in or password details
- Asks for bank or credit card details in an email message.
- Asks business users for confidential information about employees in an email.
It has also provided tips on how to identify suspicious activity, phishing scams, and potential fraud, which outlines that company emails will always come from an email address that ends with @intuit.com (also including @e.intuit.com). Any link sent to customers will also always be for an intuit.com address.
The company recommends that users delete emails flagged as phishing attacks. If customers have already clicked on a link or downloaded something from the email, it states they should delete the download immediately, scan their system using an up-to-date anti-virus program and change their passwords.
This year alone Intuit has issued six warnings on its security notices page about various phishing scams designed to trick users into revealing personal information or expose them to downloads of malware that will infect their computers.
It is likely that QuickBooks’ software has become a target for cybercriminals due to the size of its userbase – a reported 4.5 million – and its usage among small and medium-sized businesses that are typically not able to keep an IT team on the books.