Just over 18 months ago, malicious emails claiming to originate from Intuit attempted to convince recipients they need to install a piece of software in order to access their QuickBooks accounts, giving them a three-day deadline to comply.
Those emails eventually went away, but that spam campaign is back in a brand new attempt to steal information from Intuit customers.
The email says:
“You will not be able to access your Intuit QuickBooks account without Intuit Security Tool (IST) after 31th of August, 2012.
“You can download Intuit Security Tool here.
“After a successful download please run the setup for an automatic installation, then login to Intuit Quickbooks online to check that it is working properly.”
Basically, the email looks exactly the same as the old variant, but the attackers updated the date.
The links from the email currently lead to a compromised website from Denmark on which the cyber criminals planted a phishing webpage.
The company warned users to avoid such emails ever since the campaign started. They highlight the fact legitimate emails will never contain “software update” or “software download” attachments.
Furthermore, Intuit will never ask customers for their usernames and passwords. Finally, similar to other organizations, they promise never to request banking information or credit card details via email.