A software vendor has warned QuickBooks users of a phishing campaign that will threaten them with suspension warnings. The vendor indicated that the phishing attack baits its targets with fake account suspension to lure them into accessing the message effectively.
The software vendor immediately published the advisory after receiving multiple reports about the phishing emails. According to the news, QuickBooks accounts were suspended after a failed business information review was delivered by the unidentified threat actors.
Moreover, the threat actors sent written reports informing their targets that they were reviewing businesses. After sending the fake warning, the threat actors will announce that the target’s account will be on an unreal temporary hold. Experts believe that the adversaries are impersonating the QuickBooks support team to make their attacks more credible.
The actors then continue the message by stating that they will provide a remedy for the fake situation if the targets think that they made a mistake. If the target bites the bait, they will be redirected by the threat actors to their account to log in to their credentials.
However, when the targets complete the verification process, the “Complete Verification” button in the phishing email will redirect them to a hostile landing page that the threat actors design to gather their credentials and infect their systems with malware.
The software maker then added that the sender of the phishing email is not affiliated with them nor an authorised agent of their firm. The company then advises their customers who receive such messages not to click any attached link or access any embedded file and also recommended that users delete them from their inboxes to avoid getting infected with malware or accidentally accessing the hostile message.
QuickBooks users who were already infected by the attack should follow the mitigation steps or contact a legitimate support group.
Those QuickBooks users who have already accessed the links or opened the attachments from the phishing emails should delete the downloaded file provided, scan their systems with an intelligent malware solution, and change their passwords.
The software vendor then provided detailed information on how their customer can protect themselves and mitigate the damages of these phishing attempts on their support website.
