Intuit warns of QuickBooks phishing threatening to suspend accounts
Intuit has warned that QuickBooks customers are being targeted in an ongoing series of phishing attacks impersonating the company and trying to lure them with fake account suspension warnings.
Today’s alert comes after Intuit received multiple user reports who received these phishing emails and notified their QuickBooks accounts were suspended following a failed business info review.
“We’re writing to let you know that after conducting a review of your business, we have been unable to verify some information on your account. For that reason, we have put a temporary hold on your account,” the attackers say in the phishing messages while impersonating the QuickBooks support team.
“If you believe that we’ve made a mistake, we’d like to remedy the situation as quickly as possible. To help us effectively revisit your account please complete the below verification form. Once verification has been completed, we will re-review your account within 24-48 hours.”
Clicking the “Complete Verification” button in the phishing email will likely redirect the recipients to a landing phishing site designed to harvest their personal information or infect their systems with malware.
The accounting software maker also added that the sender “is not associated with Intuit, is not an authorized agent of Intuit, nor is their use of Intuit’s brands authorized by Intuit.”
Intuit advises customers who received one of these phishing messages not to click any embedded links or open attachments.
It also recommends deleting them from the inbox to avoid getting infected with malware or sent to some phishing landing page under the attacker’s control that would attempt to harvest the targets’ credentials.
QuickBooks users who have already opened attachments or clicked links after receiving one of these phishing emails should:
- Delete any downloaded files immediately.
- Scan their systems using an up-to-date anti-malware solution.
- Change their passwords.
Earlier this year, in February, Intuit warned QuickBooks customers they were the targets of a phishing campaign impersonating the company and threatening to delete their accounts.
In October, threat actors masquerading as Intuit’s legal department targeted the company’s customers in a fake copyright phishing scam pushing the Hancitor (aka Chanitor) malware downloader and Cobalt Strike beacons.
With thanks to the Cyber Defence Alliance and BleepingComputer. The full story is here: https://www.bleepingcomputer.com/news/security/intuit-warns-of-quickbooks-phishing-threatening-to-suspend-accounts/
Free Phishing Security Test
Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.
Here’s how it works:
- Immediately start your test for up to 100 users (no need to talk to anyone)
- Select from 20+ languages and customize the phishing test template based on your environment
- Choose the landing page your users see after they click
- Show users which red flags they missed, or a 404 page
- Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
- See how your organization compares to others in your industry
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/phishing-security-test-partner?partnerid=001a000001lWEoJAAW