Phishing scam targets QuickBooks users
By Warren Slaughter
Special to the Texan
If you use any software made by Intuit – makers of QuickBooks, Quicken, TurboTax – you could be targeted for an email scam.
A business here in Dalhart received what looked like an official email from Intuit, complete with the company’s logo and mailing address in Arizona. The email stated that effective January 27, users would have to get a valid Digital Certificate installed on their computer to access Intuit.
“Without special safeguards, you risk being impersonated online. Digital certificates provide an electronic means for Intuit to verify your identity,” the email states.
Sounds pretty convincing, doesn’t it? However, the “phisher” (I would like to call him some other names, but mixed company prevents me from doing so) tips his hand in the next paragraph:
“The Intuit server has its own digital certificate to assure you that you are actually connecting with Intuit and not with a gyp.”
WHOA!!!! Who has ever heard of using the word “gyp” in a formal business letter? Talk about paddle faster, I hear banjos.
This email also has a link to click to download the Digital Certificate generation tool. DO NOT CLICK ON THIS LINK!!
If you receive an email that appears to be from Intuit that requests you to click on a link to download software, forward it to firstname.lastname@example.org and then delete it from your computer. Their security team will investigate every incident they receive. Intuit will never send you an email with a “software update” or a “download attachment.” They will not ask for your Intuit login information or for your bank account or credit card information.
Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords or account numbers by masquerading as a trustworthy entity in an electronic communication.