Around one and a half years ago, malicious emails claiming to originate from Intuit attempted to convince recipients that they need to install a piece of software in order to access their QuickBooks accounts, giving them a three-day deadline to comply.
It seems that this spam campaign has been reinitialized in an attempt to steal sensitive information from Intuit customers. Here’s what these emails look like:
You will not be able to access your Intuit QuickBooks account without Intuit Security Tool (IST) after 31th of August, 2012.
You can download Intuit Security Tool here.
After a successful download please run the setup for an automatic installation, then login to Intuit Quickbooks online to check that it is working properly.
Basically, the email looks exactly the same as the old variant, but the cybercrooks updated the date, and most likely they’ll continue doing so.
The links from the email currently lead to a compromised website from Denmark on which the cybercriminals planted a phishing webpage.
The company has warned users to avoid such emails ever since the campaign started. They highlight the fact that legitimate emails will never contain “software update” or “software download” attachments.
Furthermore, Intuit will never ask customers for their usernames and passwords. Finally, similar to other organizations, they promise never to request banking information or credit card details via email.
And this is not the only type of Intuit email you should beware of. Back in June we reported that fake Intuit tax information update notifications were making the rounds, luring recipients to another hijacked website from Denmark.
Users are advised to report any suspicious emails to firstname.lastname@example.org. By reporting suspicious emails you can help the company keep all its customers informed on the latest threats that may be leveraging its reputation to cause damage to the computers of unsuspecting internauts.