Scam Alert: QuickBooks & Intuit Phishing Emails

Recently there has been a rise in the number of phishing emails that appear to be sent by QuickBooks and Intuit. These messages state that the customer has a payment due on an open invoice. The balance due on the fake email is a higher amount than the typical cost of the software and any subscriptions offered by Intuit.

3 Common Methods for Phishing:

  • Spoofed Email Address – We have seen fake email addresses such as intuit@hmrsss.com and quickbooks@bostonsat.com.
  • Fake Link – Never click on a link in a suspicious email. These links may take you to a site that asks you to log in, providing hackers with your account information. Use your mouse and hover over the link to see if you can spot a hidden web address that is different than the one on the surface. An example of a message that would be included with a fake link:

       “This invoice notification is being delivered to you by Intuit Invoice Services on behalf of Veri Facts Inc. Click the link above to find an invoice.”

  • Forged Website – Fake websites may appear like real sites by using company logos and images. When visiting financial sites, enter the known address into the browser field manually.

Phishing was listed as one of the top tax scams of 2017 and continues to be an issue.

If you receive these emails – do not click any links! Forward the email to spoof@intuit.com immediately. For more information and to learn steps to protect yourself from a phishing attack, see the Intuit forum article here.

LBA Haynes Strand is dedicated to alerting the public on any scam or fraudulous attempt to steal identities or gain access to important financial information.  If you are interested in automatically receiving updates such as this, please subscribe to our blog.