Hackers Threaten to Cancel Intuit Accounts
Table of Contents
- By David Lukic
- Published: Feb 07, 2022
- Last Updated: Mar 18, 2022
Digital attackers are zeroing in on Intuit, threatening to remove accounts from the popular website. Though tax season tends to bring a flurry of online attacks, including those designed for identity theft, the digital threat targeting Intuit is especially concerning.
What is the Attack All About?
A phishing campaign targets intuit users. The campaign impersonates Intuit's tax-filing service, creating the impression that the site is sending users a legitimate link through email. The message's wording makes it appear that the targeted user's account will be closed if they do not click the link as directed. However, the link is not legitimate.
The attack aims to fool taxpayers into clicking the illegitimate link and planting malware onto their computers. The link also sets the stage for digital miscreants to steal target users' data.
What is Intuit's Response?
Intuit publicized a screen capture from the email users who have been targeted. The company's public relations team stressed the fact that Intuit did not transmit the message. The official statement communicates the sender is not tied to Intuit in any way, does not serve as an authorized agent of the company, and is not authorized by the company.
However, Intuit did not provide any solution for the phishing attack aside from advising taxpayers that the problem exists. Furthermore, Intuit did not detail what occurs if targeted individuals click the link. Intuit's public relations team stated that if the link within the email is clicked, the user should delete the downloaded information, scan the system with antivirus software and alter their password.
Who is Behind the Attack?
The fake email, allegedly stemming from Intuit's "Maintenance Team," is from hackers, yet no one is certain which hacking collective is responsible for the attack. The message states that the user's account has been disabled because of activity, and the account must be restored in the next 24 hours. The hackers also indicate that the request for account restoration results from a digital security upgrade on the database and server to commit an account takeover and susceptibility to attacks.
Is This the Only Major Phishing Attack to Arise in Recent Weeks?
In short, no. In recent weeks, phishing attackers have ramped up digital attacks both in terms of volume and creativity. Digital security specialists have pinpointed several new ways phishers are zeroing in on victims.
Aside from the Intuit attack noted above, Proofpoint researchers recently discovered digital miscreants are using phishing kits to sidestep multi-factor authentication and use tokens for authentication to bypass man-in-the-middle attacks.
Another phishing attack detailed last week indicates criminals are using a PowerPoint file considered "under-the-radar" to conceal harmful components that have the potential to alter the operating system's registry settings, setting the stage for the attacker to overtake the target's computer.
It is also worth noting a seemingly official Google Drive collaboration was recently revealed to be a phishing attack. The feature uses the comments section of Google Docs to fool targets into thinking presented links are legitimate when they are actually latent traps. Stay tuned as even more phishing attacks are revealed in the weeks and months ahead as tax season takes shape.
