Phishing email scam targets users of QuickBooks
Monday, December 7, 2009
Intuit is warning users of its popular QuickBooks accounting software that a supposed email warning from the company is actually a cleverly disguised malicious spam campaign, combining phishing techniques with a type of malware distribution.
The email tells victims that Intuit has recently been the subject of a hacker attack, and that personal data on QuickBooks users may have been compromised. Accordingly, says the phishing email, customers should download and install a "QuickBooks Update" plugin, which is actually a link to a malware installer. The precise type of malware is currently unknown, though data theft is thought to be part of its functionality.
PC Magazine notes that the attack is partially a Trojan horse, and not a pure phishing attack, and speculates that the malware could be used to steal personal information from Intuit customers. The company is frequently a target of phishing campaigns, reports the magazine.
Although carefully targeted "spear phishing" emails were the prevalent form of attempted identity theft earlier this year, more traditional phishing campaigns have been reported with increasing frequency as the year draws to a close.
Related News:
Password security a tall order for many web users - 1.22.2010
A recently released study from tech researcher Imperva showed that the most popular password among users whose accounts were compromised in the recent RockYou data breach was as follows: 123456.
Facebook fixes "wrong friends list" mobile network security glitch - 1.22.2010
CNET reports that social media network Facebook has repaired a problem in the mobile version of its service that caused some mobile users to have full access to the friends lists of unassociated users.
Automated phishing scam hits bank customers - 1.14.2010
Phishing attacks do not target victims exclusively via email, experts say, pointing to a recent rash of automated phone calls that attempted to convince victims to give up sensitive banking information.
Scammers ride aftershocks of Haiti catastrophe - 1.14.2010
The Federal Bureau of Investigation has issued a warning to those who want to contribute to earthquake relief efforts in Haiti, saying that cyber criminals and other types of scam artists are trying to take advantage of an outpouring of humanitarian support.
Banking Trojans finding new vector with fake Outlook alerts - 1.11.2010
A spurious alert purporting to come from Microsoft Outlook has cropped up in recent weeks, according to a maker of email filtering software.
|
