![\"Intuit-Alerts-QuickBooks-Customers-of-Current-Phishing-Attacks-image1\"](\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/10\/Intuit-Alerts-QuickBooks-Customers-of-Current-Phishing-Attacks-image1-1024x464.png\")
<\/figure><\/div>\n\n\n\nThe suggested way to deal with them is to delete them to bypass being affected by the Trojan or redirected to a phishing landing page created to harvest credentials.<\/p><\/p>\n\n\n\n
Customers who have already launched attachments or clicked links in the phishing emails should:<\/p><\/p>\n\n\n\n
- Delete any downloaded files immediately.<\/li>
- Scan their systems using an up-to-date anti-malware solution.<\/li>
- Change their passwords.<\/li><\/ul>\n\n\n\n
Intuit also facilitates the information on how the customers can protect themselves from phishing attempts on its support website.<\/p><\/p>\n\n\n\n
QuickBooks Customer also addressed by the Scammers<\/strong><\/h2>\n\n\n\n
In July, Intuit also warned its customers of phishing emails, asking them to call a phone number to upgrade to QuickBooks 2021 until the end of the month to avoid having their database corrupted or company backup files removed automatically.<\/p><\/p>\n\n\n\n
Our expert has discovered similar emails sent to Intuit users this month, using the very same templates with the upgrade deadline upgraded to the end of October. While Intuit did not explain how the upgrade scheme worked, from our experts’ previous encounter with similar scam trials, the scammers will try to take over the callers\u2019 QuickBooks accounts.<\/p><\/p>\n\n\n\n
To do that, they ask the victims to install remote access software like AnyDesk or TeamViewer while arranging as QuickBooks support staff. Next, they connect and ask the victims to facilitate the information required to reset their QuickBooks credentials and take over their accounts to siphon their money by making the payments in their names.<\/p><\/p>\n\n\n\n
If the victims also have two-factor authentication enabled, then the scammers will ask for the one-time authorization code they required to go ahead with the upgrade.<\/p><\/p>\n\n\n\n
![\"Intuit-Alerts-QuickBooks-Customers-of-Current-Phishing-Attacks-image2\"](\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/10\/Intuit-Alerts-QuickBooks-Customers-of-Current-Phishing-Attacks-image2-1024x859.jpg\")
<\/figure><\/div>\n\n\n\nCopyright Scams and Accounts Takeover Attacks<\/strong><\/h2>\n\n\n\n
Besides these two existing campaigns, Intuit is also being represented by other threat actors in a fake copyright phishing scam, as SlickRockWeb CEO Eric Ellason said today.<\/p><\/p>\n\n\n\n
Recipients targeted by these emails risk infecting themselves with the Hancitor (aka Chanitor) malware downloader or have Cobalt Strike beacons deployed on their systems.<\/p><\/p>\n\n\n\n
The embedded links send the potential victims through advanced redirection chains using various security evasion tactics and victim fingerprinting malspam.<\/p><\/p>\n\n\n\n
In June, Intuit also reported to TurboTax consumers that some of their particular and commercial info was accessed by attackers following a set of account takeover attacks. The company also said that that was not a “systemic data breach of Intuit.”<\/p><\/p>\n\n\n\n
The company’s research exposed that the attackers used credentials gathered from “a non-Intuit source” to access the customers’ accounts and their name, Social Security number, addresses, date of birth, driver’s license number, financial information, and more. <\/p><\/p>\n","protected":false},"excerpt":{"rendered":"
Intuit has alerted QuickBooks users that they are targeted by an ongoing phishing operation of imitating the organization and trying to allure the probable victims with fabricates renewal charges. The organization said it get reports from the users that they were emailed and told that their QuickBook plans had expired. \u201cThis email did not come […]<\/p>\n","protected":false},"author":2,"featured_media":3384,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"yoast_head":"\n
Intuit Alerts QuickBooks Customers of Current Phishing Attacks - Xiarch Solutions Private Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Intuit Alerts QuickBooks Customers of Current Phishing Attacks - Xiarch Solutions Private Limited\" \/>\n<meta property=\"og:description\" content=\"Intuit has alerted QuickBooks users that they are targeted by an ongoing phishing operation of imitating the organization and trying to allure the probable victims with fabricates renewal charges. The organization said it get reports from the users that they were emailed and told that their QuickBook plans had expired. \u201cThis email did not come […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"Xiarch Solutions Private Limited\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/xiarch\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-10-09T13:31:08+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-09T13:31:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/10\/Intuit-Alerts-QuickBooks-Customers-of-Current-Phishing-Attacks-featured-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Xiarch Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@xiarch\" \/>\n<meta name=\"twitter:site\" content=\"@xiarch\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Xiarch Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/\"},\"author\":{\"name\":\"Xiarch Security\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\"},\"headline\":\"Intuit Alerts QuickBooks Customers of Current Phishing Attacks\",\"datePublished\":\"2021-10-09T13:31:08+00:00\",\"dateModified\":\"2021-10-09T13:31:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/\"},\"wordCount\":534,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"articleSection\":[\"Vulnerabilities\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/\",\"url\":\"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/\",\"name\":\"Intuit Alerts QuickBooks Customers of Current Phishing Attacks - Xiarch Solutions Private Limited\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#website\"},\"datePublished\":\"2021-10-09T13:31:08+00:00\",\"dateModified\":\"2021-10-09T13:31:09+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/xiarch.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Intuit Alerts QuickBooks Customers of Current Phishing Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/xiarch.com\/blog\/#website\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"name\":\"Xiarch Solutions Private Limited\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/xiarch.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\",\"name\":\"Xiarch\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"contentUrl\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"width\":300,\"height\":300,\"caption\":\"Xiarch\"},\"image\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/xiarch\/\",\"https:\/\/twitter.com\/xiarch\",\"https:\/\/www.linkedin.com\/company\/xiarch\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\",\"name\":\"Xiarch Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"caption\":\"Xiarch Security\"},\"sameAs\":[\"https:\/\/xiarch.com\/blog\/\"],\"url\":\"https:\/\/xiarch.com\/blog\/author\/vector\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Intuit Alerts QuickBooks Customers of Current Phishing Attacks - Xiarch Solutions Private Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/","og_locale":"en_US","og_type":"article","og_title":"Intuit Alerts QuickBooks Customers of Current Phishing Attacks - Xiarch Solutions Private Limited","og_description":"Intuit has alerted QuickBooks users that they are targeted by an ongoing phishing operation of imitating the organization and trying to allure the probable victims with fabricates renewal charges. The organization said it get reports from the users that they were emailed and told that their QuickBook plans had expired. \u201cThis email did not come […]","og_url":"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/","og_site_name":"Xiarch Solutions Private Limited","article_publisher":"https:\/\/www.facebook.com\/xiarch\/","article_published_time":"2021-10-09T13:31:08+00:00","article_modified_time":"2021-10-09T13:31:09+00:00","og_image":[{"width":1000,"height":525,"url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/10\/Intuit-Alerts-QuickBooks-Customers-of-Current-Phishing-Attacks-featured-image.jpg","type":"image\/jpeg"}],"author":"Xiarch Security","twitter_card":"summary_large_image","twitter_creator":"@xiarch","twitter_site":"@xiarch","twitter_misc":{"Written by":"Xiarch Security","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/#article","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/"},"author":{"name":"Xiarch Security","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c"},"headline":"Intuit Alerts QuickBooks Customers of Current Phishing Attacks","datePublished":"2021-10-09T13:31:08+00:00","dateModified":"2021-10-09T13:31:09+00:00","mainEntityOfPage":{"@id":"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/"},"wordCount":534,"commentCount":0,"publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"articleSection":["Vulnerabilities"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/","url":"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/","name":"Intuit Alerts QuickBooks Customers of Current Phishing Attacks - Xiarch Solutions Private Limited","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/#website"},"datePublished":"2021-10-09T13:31:08+00:00","dateModified":"2021-10-09T13:31:09+00:00","breadcrumb":{"@id":"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/xiarch.com\/blog\/intuit-alerts-quickbooks-customers-of-current-phishing-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xiarch.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Intuit Alerts QuickBooks Customers of Current Phishing Attacks"}]},{"@type":"WebSite","@id":"https:\/\/xiarch.com\/blog\/#website","url":"https:\/\/xiarch.com\/blog\/","name":"Xiarch Solutions Private Limited","description":"","publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xiarch.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/xiarch.com\/blog\/#organization","name":"Xiarch","url":"https:\/\/xiarch.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","contentUrl":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","width":300,"height":300,"caption":"Xiarch"},"image":{"@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/xiarch\/","https:\/\/twitter.com\/xiarch","https:\/\/www.linkedin.com\/company\/xiarch"]},{"@type":"Person","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c","name":"Xiarch Security","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","caption":"Xiarch Security"},"sameAs":["https:\/\/xiarch.com\/blog\/"],"url":"https:\/\/xiarch.com\/blog\/author\/vector\/"}]}},"_links":{"self":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/3380"}],"collection":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/comments?post=3380"}],"version-history":[{"count":1,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/3380\/revisions"}],"predecessor-version":[{"id":3385,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/3380\/revisions\/3385"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media\/3384"}],"wp:attachment":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media?parent=3380"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/categories?post=3380"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/tags?post=3380"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}