Save content
Have you found this content useful? Use the button above to save it to your profile.
Fishing hooks dangling down trying to steal users' financial data

Intuit issues phishing warnings to QuickBooks users


QuickBooks owner Intuit has warned users that they risk being targeted by an ongoing series of fake emails designed to trick customers into thinking their account has been suspended and allow cybercriminals to steal critical financial information.

4th Aug 2022
Save content
Have you found this content useful? Use the button above to save it to your profile.

Typically, QuickBooks customers will receive an email purportedly from the vendor’s support team (but actual from cybercriminals) notifying them that their accounts have been suspended following a failed business information review.

One example shared by parent company Intuit states: "We're writing to let you know that after conducting a review of your business, we have been unable to verify some information on your account. For that reason, we have put a temporary hold on your account," 

Example of a phishing email sent to Intuit QuickBooks users

While the screenshot of another scam email displayed above is relatively convincing in terms of its branding and avoids many of the spelling and grammatical errors that marked out such attacks in the past, warning lights should flash due to the fact the correspondence comes from an email address rather than a legitimate QuickBooks address.

Intuit has issued guidance for users, stating that the company never:

  • Sends an email with a supposed "software update" or "software download" attachment.
  • Sends an email asking the recipient to send sign-in or password details.
  • Asks for bank or credit card details in an email message.
  • Asks business users for confidential information about employees in an email.

It has also provided tips on how to identify suspicious activity, phishing scams, and potential fraud, which outlines that company emails will always come from an email address that ends with (also including Any link sent to customers will also always be for an address.

The scam appears to cut across both the vendor's cloud and desktop products. In a worrying development pointing to the increasing sophistication of such scams, Intuit also stated that hackers appear to now be able to link emails to existing email chains, boosting the perceived authenticity of such communications.

The company recommends that users delete emails flagged as phishing attacks. If customers have already clicked on a link or downloaded something from the email, it states they should delete the download immediately, scan their system using an up-to-date anti-virus program and change their passwords.

This year alone Intuit has issued six warnings on its security notices page about various phishing scams designed to trick users into revealing personal information or expose them to downloads of malware that will infect their computers.

It is likely that QuickBooks’ software has become a target for cybercriminals due to the size of its userbase - a reported 4.5 million - and its usage among small and medium-sized businesses that are typically not able to keep an IT team on the books.

Replies (1)

Please login or register to join the discussion.

By Silver Birch Accts
04th Aug 2022 17:37

Nice to know.

Thanks (1)