One Article Review
| Source |  knowbe4 |
|---|---|
| Identifiant | 4094184 |
| Date de publication | 2022-02-08 14:23:51 (vue: 2022-02-08 15:06:18) |
| Titre | CyberheistNews Vol 12 #06 [Heads Up] Beware of New Quickbooks Payment Scams |
| Texte |
![CyberheistNews Vol 12 #06 [Heads Up] Beware of New Quickbooks Payment Scams](https://blog.knowbe4.com/hubfs/Stu_Headshot_2021_resize.png)
[Heads Up] Beware of New QuickBooks Payment Scams
Email not displaying? |
CyberheistNews Vol 12 #06 | Feb. 8th., 2022
[Heads Up] Beware of New QuickBooks Payment Scams
Many small and mid-sized companies use Intuit's popular QuickBooks program. They usually start out using its easy-to-use base accounting program and then the QuickBooks program aggressively pushes other complimentary features. One of those add-on features is the ability to send customers' invoices via email.
The payee can click on a “Review and pay” button in the email to pay the invoice. It used to be a free, but less mature, feature years ago, but these days, it costs extra. Still, if you are using QuickBooks for your accounting, the ability to generate, send, receive and electronically track invoices all in one place is a pretty easy sell.
Unfortunately, phishing criminals are using QuickBooks' popularity to send business email compromise (BEC) scams. The emails appear as if they are coming from a legitimate vendor using QuickBooks, but if the potential victim takes the bait, the invoice they pay will be to the scammer.
Worse, the payment request can require that the payee use ACH (automated clearing house) method, which requires the payee to input their bank account details. So, if the victim falls for the scam, the criminal now has their bank account information. Not good.
Note: Some other QuickBooks scam warnings will tell you that QuickBooks will never ask for your ACH or banking details. This is not completely true. QuickBooks, the company and its support staff, never will, but QuickBooks email payment requests often do. Warn your users in Accounting.
CONTINUED at the KnowBe4 blog with both legit and malicious example screenshots:
https://blog.knowbe4.com/beware-of-quickbooks-payment-scams
|
| Envoyé | Oui |
| Condensat | #06 #06 000 000+ 013122 1/4 111 11643669114 11643979328 135 1564 1616 177 1900 1944 1:00 2014 2022 2:00 360 5bn 800 8th ability about above absolutely abundance access according account accounting ach across action actionable actions active activity actors add added adding additional address adds adopting advantage advertising after again against age aggressively ago aimed air airport all allows alps: also amazing amazon america amount animal animals another antivirus antoine any anymore anything appear appearing appreciated approach apt35 are aren armorblox around article articles ask assessments assigned astonishing athletes atsqjw attachments attack attackers attacks attacks: attempt attempts attending audits austria authentication automated average avoid awards: aware awareness baby back backgrounds bait bank banking base based basis bec because become been before begin beijing being believed benchmarking best better beware biases bill bleepingcomputer blog blog: books both brains brandable branded breached breaches britain broken brokerage brother brown browser browsing bucket build built bump burden burners burners/ business but button calculations call calling calls campaign campaigns can canyon capture car care career case cash caused cautious ceiling: cell ceo chain challenging changer changes changing check chef chemical chicago chief china chinese circuit: claimed clearing click clicked clicking clickjacking climb cmmc code cognitive collect collected collecting com/amazing com/article/fbi com/articles/cyberattack com/articles/going com/beware com/cyberheistnews com/dog com/dp/1092500847 com/increased com/le com/new com/news/microsoft/microsoft com/passengers com/perspective/cybercrime/the com/phone com/story/north com/the com/watch com/wcc/r/3594832/57c1a9c3c236c0f3332fda1714d040a9 com/wcc/r/3594855/b56090726426328f0038884e8ebb750a com/wcc/r/3636613/4e9639c0ad886b77f29bb4dc2082e375 com/web com/your combination come comes coming common companies company compare compel compiled completed completely compliance complied complimentary compromise compromised compromising computer computers concentrate concentrated concludes conclusion confirmation connects consumers contained container content continued continuing continuous control controls convincing cooperate cooperating coordinated copyright corp correctly cost costs could covid cpe create credentials credit criminal criminals culture custom customers cyber cyberattack cyberattacks cybercriminals cyberdefense cyberheist cyberheistnews cybersecurity cycled dashboards data data; date/time: days dealing decrease deer defend defense defenses delays delays” delete demo demonstration demos derren describes despite dessert details developed devices did die different difficult directed directory discovered displaying disruptions document documents does doesn dog doing domains don done down download drag dream driven driving drop due during earn easier easily easy ecently edition effective effectively: elaborate electronically eliminating else else: email emails embedded employee employees enable enabling encounter encouraged end engage engineering enhancing enough entertain entirety especially essential establishing estimate etc ethics european evangelist even event events every everyone everywhere evolve example examples execute execution expect experience expert exploited exploiting explores external extra extraordinary exupery eye faces factor failure fake falling falls familiar famous fave fbi feature features feb february feeling fell file filmed filters find findings: firewall firewalls first five flight flixxy focus follow following followup fool forming forms found founder four frameworks fraudulent free french fresh from fsb fun fun: further gain game gdpr generate generating get getting gill give gives giving going good gopro gov/news/speeches/countering government grc grimes group guard guests guidance guy hack hacked hacker hackers hacking hacks had half happy has hash have head: heads healthy hello help helps her here high higher him hints hipaa hi |
| Tags | Malware Hack Threat Conference |
| Stories | APT 35 |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.