Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Intuit Warns of Phishing Emails Threatening to Delete Accounts

Intuit Warns of Phishing Emails Threatening to Delete Accounts

Accounting and tax software provider Intuit has notified customers of an ongoing phishing campaign impersonating the company and trying to lure victims with fake warnings that their accounts have been suspended.

Intuit’s alert follows reports received from customers who were emailed and told that their Intuit accounts were disabled following a recent server security upgrade.

“We have temporarily disabled your account due to inactivity. It is compulsory that you restore your access within next 24 hours,” the attackers say in the phishing messages, masquerading as the Intuit Maintenance Team.

Also Read: 7 Useful Tools On How To Find Company Contact Information

“This is a result of recent security upgrade on our server and database, to fight against vulnerability and account theft as we begin the new tax season.”

The recipients are instructed to go to https://proconnect.intuit.com/Pro/Update immediately to restore access to their accounts.

Clicking the link will likely redirect them to an attacker-controlled phishing site designed to infect them with malware or harvest their financial or personal information.

Those who might think twice before clicking the embedded link are warned that they might permanently lose access to their accounts.

The financial software maker said that it’s not behind these emails and that the sender “is not associated with Intuit, is not an authorized agent of Intuit, nor is their use of Intuit’s brands authorized by Intuit.”

Intuit phishing email
Sample phishing email (Intuit)

How to avoid getting phished

The maker of TurboTax and QuickBooks urges all customers who have received one of these phishing emails not to click any embedded links or open attachments.

Also Read: 3 Easy Ways for Hard Disk Recycling Protecting Businesses

The recommended way to tackle these phishing attempts is to delete the emails to avoid getting infected with malware or being redirected to a phishing landing page that would try to hand over your credentials.

Customers who already opened attachments or clicked the links in such phishing emails should:

  1. Delete any downloaded files immediately.
  2. Scan their systems using an up-to-date anti-malware solution.
  3. Change their passwords.

Intuit also shares info on how its customers can protect themselves from phishing attacks on its support website.

In October, the company also warned QuickBooks customers of phishing attacks using fake renewal charges as lures.

The same month, QuickBooks users were targeted by scammers via sites threatening them to upgrade to avoid having their databases corrupted or company backup files removed automatically with the end goal of taking over their accounts.

TurboTax customers were also affected by at least four account takeover attack campaigns in 2014/20152019, and 2021.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us