Tax software vendor Intuit is warning QuickBooks customers that they are being targeted in an ongoing series of phishing attacks that impersonate the company and try to lure them with fake account suspension warnings.
See also: Hackers target the Russian government with phishing attacks
Today's alert comes after Intuit received several reports of users receiving these phishing emails notifying them that their QuickBooks accounts were suspended after a failed review business information.
"We are writing to inform you that following an audit of your business, we have been unable to verify certain information to your account. For this reason, we have put a temporary suspension on the account you," say the attackers in phishing messages when impersonation of the QuickBooks support team.
"If you think we have made a mistake, we would like to rectify the situation as soon as possible. To help us review effectively the account please fill in the following form verification form. Once the verification is complete, we will review your account within 24-48 hours."
Clicking the "Complete Verification" button in the phishing email will likely redirect recipients to a phishing landing site designed to collect their personal information Data or to infects the systems them with malware.
See also: Phishing sites use chatbots to steal credentials
The accounting software maker also added that the sender "is not affiliated with Intuit, is not an authorized Intuit representative, nor is the use of Intuit brands authorized by Intuit."
How to make sure you haven't been a victim of phishing
Intuit advises customers who received one of these phishing emails not to click on embedded links or to open attachments.
It is also recommended that you delete them from your inbox to avoid on Infection with malware or sending it to a page phishing landing under the control of the intruder who would attempt to gather the credentials of the objectives.
QuickBooks users who already have open attachments or have clicked on links after receiving one of these phishing emails should:
- Immediately delete all received files.
- Scan their systems using an up-to-date anti-malware solution.
- Change the passwords.
Intuit also provides detailed information on how customers can Protected by from phishing attempts on its support website.
Earlier in the year, in February, Intuit warned QuickBooks customers that they were the target of a phishing campaign that impersonated the company and threatened to delete their accounts.
See also: Spain: phishing group that emptied bank accounts arrested
In October, threat actors masquerading as Intuit's legal department targeted the company's customers in a fake phishing scam with royalty intellectual property that pushed the malware downloader Hancitor (also known as Chanitor) and beacons Cobalt Strike.
Source of information: bleepingcomputer.com
