On February 1st, 2022, Intuit issued a new security notice warning customers about an ongoing email phishing campaign targeting QuickBooks users and threatening to disable their accounts. The emails appear to come from Intuit and direct users to "https://proconnect.intuit.com/Pro/Update" to re-enable their accounts. However, this link will likely lead to an attacker-controlled website designed to infect users' computers with malware or gather personal or financial information.
In their security notice, Intuit warns clients not to click any links within these emails and to delete the emails immediately if one is received. Additionally, they suggest scanning your local computer immediately to be sure no other infections have occurred as well as changing your passwords.
What is "phishing" and how can you prevent it?
Phishing emails are one of the most common attacks used to gather users' confidential information. They come in the form of emails or texts and often look to impersonate a co-worker, colleague, or business to gain your trust and get you to act. There are several ways to identify these types of attacks, but they are constantly evolving and becoming more realistic when imitating the sender. Some tips for identifying a phishing email and avoiding being a victim would be:
- Hover over any links sent in any email you receive. Hovering over the link and not clicking on it will allow the full URL to be displayed. If the URL doesn't match the one shown in the email, this link is likely fake, and the email is a phish.
- Look closely at the "from" email address. Attackers can easily spoof the names of co-workers, colleagues, and companies, but their email addresses are more difficult to replicate. If the email address is slightly different from what it should be, it is likely a phishing email.
- Never click or download any attachments you are not expecting to receive. Attachments often contain malware, viruses, or other malicious pieces of code designed to compromise your data. Downloading or clicking an attachment without verifying its legitimacy with the sender could lead to a security breach.