26 January 2017

Better Business Bureau warns of QuickBooks phishing scam

By Michael Cohn
Published January 25 2017, 2:56pm EST
The Better Business Bureau Northwest is sounding the alarm about a new email phishing scam targeting users of Intuit’s QuickBooks accounting software.

Victims receive an email in their inbox with the subject line, “QuickBooks Support: Change Request.” The email claims to be a confirmation from Intuit that a business has changed its name and contains a hyperlink that the recipient can click on to cancel the request. However, if email recipients click on the link, it directs them to a site that downloads malware to their device, according to Emily Valla of Better Business Bureau Northwest, who wrote an article for the Idaho Statesman warning about the scheme. The malware allows criminals to capture passwords and other personal information from a device.

The BBB Northwest is advising businesses not to click on such links. They should check the reply email address in such messages and “hover” their cursor over a suspicious-looking link to see where it leads before clicking to make sure it’s going to the correct web domain instead of one with a similar-sounding name. They should also consider how a company normally contacts them and whether this is an unusual request. 

Phishing emails can be skilfully constructed to impersonate a company, including using the actual corporate logo. Businesses should have processes in place to make sure employees don’t click on links in unexpected emails and know who to ask about what to do before they click.

Tax practitioners have also fallen victims to phishing schemes, and the Internal Revenue Service has periodically sent out warnings about the latest variations on the scams. Fraudsters sometimes purport to be emailing from the IRS or tax software companies to lure victims into divulging passwords or sensitive financial information.