Accounting software QuickBooks, by Intuit, is a popular target for India-based scammers, only rivaled for top spot by the classic Microsoft tech support scams.
Malwarebytes Labs researchers seen two main lures, both via Google ads: the first one is simply a website promoting online support for QuickBooks and shows a phone number, while the latter requires victims to download and install a program that will generate a popup, also showing a phone number. In both instances, that number is fraudulent. The fake QuickBooks popup was previously described in detail by eSentire and reveals how scammers are able to hijack the software functionality by generating bogus alert messages.
Read more…
Source: malwarebytes Labs
Related:
- Researchers find stealthy MSSQL server backdoor developed by Chinese cyberspies
October 21, 2019
Chinese cyberspies have developed malware that alters Microsoft SQL Server (MSSQL) databases and creates a backdoor mechanism that can let hackers connect to any account by using a “magic password.” Furthermore, as an added benefit, the backdoor also hides user sessions inside the database’s connection logs every time the “magic password” is used, helping hackers remain ...
- Major Airport Malware Attack Shines a Light on OT Security
October 18, 2019
A cryptomining infection managed to spread to half of all workstations at a major international airport in Europe – shining a spotlight on security for operational tech and IT convergence. Researchers at Cyberbit found the XMRig Monero mining malware, which was a known strain called “Playerz,” but which skated by antivirus solutions on the endpoints by adding a ...
- Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks
October 18, 2019
Previously undocumented group hits IT providers in the Middle East. A previously undocumented attack group is using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers’ customers. The group, which we are calling Tortoiseshell, has been active ...
- Phorpiex Botnet Shifts Gears From Ransomware to Sextortion
October 17, 2019
A recent wide-scale campaign indicates that a decade-old botnet is shifting gears from distributing ransomware to delivering millions of sextortion threats to innocent recipients. Worse, researchers say that the botnet’s spam campaign can affect up to 27 million potential victims. The botnet, Phorpiex, has been active for almost a decade and currently controls almost 500,000 computers globally. The ...
- Equipping the Education Sector With Threat Intelligence to Defend Against Cyberattacks
October 17, 2019
When you think about sophisticated cyberattacks, certain targeted industries probably come to mind immediately — government, critical infrastructure, and financial services, to name a few. It’s fair to say that for most people, the education sector isn’t generally first on that list. Despite this, educational institutions (particularly those in higher education) have become an increasingly popular ...
- Cisco Aironet Access Points Plagued By Critical, High-Severity Flaws
October 17, 2019
Cisco Systems has released a security update stomping out critical and high-severity flaws impacting its Aironet access points, which are entry-level wireless access points (APs) used by mid-size enterprises in their offices or small warehouses. It also issued a slew of additional patches addressing other flaws in its products. The most severe of the AP bugs is ...