Announcement

Collapse
No announcement yet.

QuickBooks phishing

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • QuickBooks phishing

    Just saw an email go through the server at the office telling a QuickBooks user that he should go to a website to get a certificate for use with QB to connect to Intuit. Details on the scam:

    http://community.intuit.com/posts/ph...-scam-or-legit

    It set off my warning bells as it looked so much like a WoW phish intended to steal one's game credentials.
    Dude, seriously, WHAT handkerchief?

    snooggums' density principal: "The more dense a population, the more dense a population."

    Iliana: "You're a great friend but if we're ever chased by zombies I'm tripping you."

  • #2
    Re: QuickBooks phishing

    Originally posted by ScratchMonkey View Post
    Just saw an email go through the server at the office telling a QuickBooks user that he should go to a website to get a certificate for use with QB to connect to Intuit. Details on the scam:

    http://community.intuit.com/posts/ph...-scam-or-legit

    It set off my warning bells as it looked so much like a WoW phish intended to steal one's game credentials.
    What a horrible response. Without any formatting, when I skimmed that response, it seemed to confirm the need to get a security plug in if one wanted to continue using Intuit's services... The lines, "The text of the fraudulent emails are below. The first email is about a fake security plug-in. " and "This is the end of the first fraudulent email." are very easy to miss. I'm surprised at such an unprofessional answer from a company who's success hinged/hinges on their ability to convince people that online money management is secure.
    Become a supporting member!
    Buy a Tactical Duck!
    Take the world's smallest political quiz! "I was touched by His Noodly Appendage."
    TacticalGamer TX LAN/BBQ Veteran:

    Comment


    • #3
      Re: QuickBooks phishing

      At first as I read the phishing email, I thought it might really be from Intuit. The spelling was mostly correct, but the grammar was off. And I figured big corporations are hiring a lot of morons these days who can't spell and have poor grammar. Or they don't speak English as a first language and mess up a lot of idioms. So poor English actually contributes to the spread of malware, but forcing us to set our standards lower.

      Fortunately, I know enough about the technology of email that I could spot tell-tails in other parts of the message. For example, the Received headers (which Outlook hides from you) show that it never went through an Intuit server, just some anonymous server that submitted directly into Yahoo. The links provided went to some oddball domain, without Intuit in the name, and the actual links are something the average Outlook user isn't likely to look at. It doesn't help when companies send mass emails from mass marketing services they don't own, because then the domain really is completely unrelated to the source. This kind of obfuscation in legitimate mail is hence harmful to normal users.

      But look closely at the links in any email. The WoW phish I receive often show a legitimate URL in the text but mousing over reveals that the real link is to a bogus site with a similar name. This is a good reason why HTML is a bad format for email. It's way too easy to hide evil in HTML. Avoid sending HTML email unless you absolutely must, as the very presence of HTML is a clue that the message might contain spam or a virus.
      Dude, seriously, WHAT handkerchief?

      snooggums' density principal: "The more dense a population, the more dense a population."

      Iliana: "You're a great friend but if we're ever chased by zombies I'm tripping you."

      Comment

      Connect

      Collapse

      TeamSpeak 3 Server

      Collapse

      Advertisement

      Collapse

      Twitter Feed

      Collapse

      Working...
      X