• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Intuit issues yet another phishing warning to QuickBooks customers

You are here: Home / General Cyber Security News / Intuit issues yet another phishing warning to QuickBooks customers
May 27, 2022

A cushion on a sofa with Intuit's Quickbooks logo branded onto it

Shutterstock

Intuit has warned of a new phishing marketing campaign specially targeting the buyers of little company accounting software QuickBooks.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


The most up-to-date phishing marketing campaign, which is the fifth key security threat the organization has issued warnings in excess of this 12 months, involves tricking end users into thinking their account has been suspended.

In an case in point email acquired by a customer, shared by Intuit, the phishing marketing campaign lacks some sophistication in that the sender’s web domain does not show up linked to possibly Intuit or the QuickBooks brand names.

In more latest advanced scams, hackers have been able to deliver e-mail to an organisation’s staff instantly off the again of current email chains to improve the level of deception and perceived authenticity.

The latest email campaign does adopt the QuickBooks branding in the email’s overall body and, in contrast to the extra frequent phishing scams, the language made use of is convincing and professional in tone.

Screenshot of phishing email sent to QuickBooks customers

Intuit

Victims are offered with a detect that their account will be suspended after the QuickBooks team were supposedly not able to validate account data.

There is a website link provided in the email that purports to acquire end users to a page to entire their account verification. Intuit did not say what happened if a user clicked on the connection, but the corporation did advise end users to delete nearly anything that was downloaded from the email.

This depth would suggest that the attack was attempting to distribute malware, which could be applied for any number of needs, together with info or credential theft, ransomware, and business enterprise email compromise attacks.

“Intuit has a short while ago been given reports from shoppers that they have received emails very similar to the one down below,” the organization explained in an announcement. “This email did not appear from Intuit. The sender is not connected with Intuit, is not an authorised agent of Intuit, nor is their use of Intuit’s brand names authorised by Intuit.”

QuickBooks users are suggested to delete anything that has been downloaded from email right away and operate a technique-broad scan using an up-to-date antivirus application. If the connection was clicked, customers need to also contemplate transforming their passwords, Intuit reported.

Intuit phishing attacks in 2022

Intuit’s QuickBooks application is made use of greatly by tiny and medium-sized companies (SMBs) across the planet. The company’s website claims it presently has 4.5 million customers around the globe.

The substantial person foundation has been a goal for cyber attackers this yr, specifically all over the US tax time when the business was compelled to issue two independent security advisories in as numerous times back again in February.

In equally phishing ripoffs, the email attempted to entice people with a fake account inactivity observe, proclaiming their account was disabled through a lack of use. Victims ended up presented with inbound links to a pretend Intuit web-site that could have been made use of to steal account qualifications.

Cyber criminals have targeted these forms of software package about tax seasons ahead of, both in the US this 12 months and in the UK in direction of the finish of 2021, as the self-assessment deadline approached.

The other two Intuit scams this 12 months occurred in April, as buyers documented phony e-mails relating to their software subscription. Intuit issued two different advisories for the campaigns that appeared to be joined given the similar phony email domains from which the payment receipt and payment invoices were despatched.


Some sections of this report are sourced from:
www.itpro.co.uk

Previous Post: «critical flaws in popular ics platform can trigger rce Critical Flaws in Popular ICS Platform Can Trigger RCE

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Intuit issues yet another phishing warning to QuickBooks customers
  • Critical Flaws in Popular ICS Platform Can Trigger RCE
  • Google adds new security vendor plugins for Chrome, improved Chrome OS policy controls for IT admins
  • NCSC Report Reveals Phishing Lures Increasingly Disguised as Vaccine Appointments
  • Zyxel Issues Patches for 4 New Flaws Affecting AP, API Controller and Firewall Devices
  • Report Explores Child’s Data Safety Legislation Across 50 Countries
  • India’s SpiceJet Strands Planes After Being Hit By Ransomware Attack
  • Critical ‘Pantsdown’ BMC Vulnerability Affects QCT Servers Used in Data Centers
  • 18 Oil and Gas Companies Take Cyber Resilience Pledge
  • Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers

Copyright © TheCyberSecurity.News, All Rights Reserved.