fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Intuit Warns QuickBooks Customers Of Ongoing Phishing Attacks

Intuit Warns QuickBooks Customers Of Ongoing Phishing Attacks

Intuit has warned QuickBooks customers that they are targeted by an ongoing phishing campaign impersonating the company and trying to lure potential victims with fake renewal charges.

The company said it received reports from customers that they were emailed and told that their QuickBooks plans had expired.

“This email did not come from Intuit. The sender is not associated with Intuit, is not an authorized agent of Intuit, nor is their use of Intuit’s brands authorized by Intuit,” Intuit explained.

The financial software firm advises all customers who received one of these phishing messages not to click any links embedded in the emails or open attachments.

Also Read: Buying a Paper Shredder Singapore: 5 Important Factors to Consider

Intuit QuickBooks phishing email
Intuit QuickBooks phishing email (Intuit)

The recommended way to deal with them is to delete them to avoid being infected with malware or redirected to a phishing landing page designed to harvest credentials.

Customers who have already opened attachments or clicked links in the phishing emails should:

  1. Delete any downloaded files immediately.
  2. Scan their systems using an up-to-date anti-malware solution.
  3. Change their passwords.

Intuit also provides information on how customers can protect themselves from phishing attempts on its support website.

QuickBooks customers also targeted by scammers

In July, Intuit also alerted its customers of phishing emails, asking them to call a phone number to upgrade to QuickBooks 2021 until the end of the month to avoid having their databases corrupted or company backup files removed automatically.

BleepingComputer found similar emails sent to Intuit customers this month, using a very similar template with the upgrade deadline changed to the end of October.

While Intuit didn’t explain how the upgrade scheme worked, from BleepingComputer’s previous encounters with similar scam attempts, the scammers will attempt to take over the callers’ QuickBooks accounts.

To do that, they ask the victims to install remote access software like TeamViewer or AnyDesk while posing as QuickBooks support staff.

Also Read: Letter of Consent MOM: Getting the Details Right

Next, they connect and ask the victims to provide the information needed to reset their QuickBooks password and take over their accounts to siphon their money by making payments in their names.

If the victims also have two-factor authentication enabled, the scammers will ask for the one-time authorization code they need to go ahead with the upgrade.

QuickBooks deadline scam
QuickBooks upgrade deadline scam email (BleepingComputer)

Copyright scams and account takeover attacks

Besides these two active campaigns, Intuit is also being impersonated by other threat actors in a fake copyright phishing scam, as SlickRockWeb CEO Eric Ellason said today.

Recipients targeted by these emails risk infecting themselves with the Hancitor (aka Chanitor) malware downloader or have Cobalt Strike beacons deployed on their systems.

The embedded links send the potential victims through advanced redirection chains using various security evasion tactics and victim fingerprinting malspam.

In June, Intuit also notified TurboTax customers that some of their personal and financial info was accessed by attackers following a series of account takeover attacks. The company also said that that was not a “systemic data breach of Intuit.”

The company’s investigation revealed that the attackers used credentials obtained from “a non-Intuit source” to access the customers’ accounts and their name, Social Security number, address(es), date of birth, driver’s license number, financial information, and more.

TurboTax customers were targeted in at least three other account takeover attack campaigns in 2014/2015 and 2019.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us