With the April 15 U.S. tax deadline looming, millions of users are logging in to manage their finances online—unfortunately, cybercriminals are watching too. Leveraging this surge in digital activity, attackers are exploiting trusted platforms like Google to deceive users of Intuit’s QuickBooks.
By purchasing top Google Ads placements, hackers are directing users to authentic-looking but fraudulent login pages. These fake portals are designed to steal crucial information including usernames, passwords, and even one-time passcodes (OTPs)—granting criminals access to victims’ financial data needed for filing taxes.
Understanding how this scam works is the first step toward staying safe. Phishing scams targeting accounting software are nothing new. Fraudulent support calls and infected software downloads—often traced to large-scale operations in India and nearby regions—have long been tactics in the scammer playbook.
Late last year, security experts uncovered a malicious QuickBooks installer that prompted users to call a fake support number through a deceptive pop-up.
This new scam is even more concerning. Instead of malware, attackers are now going straight for login credentials. The scam begins with a simple Google search. An ad mimicking Intuit’s branding for “QuickBooks Online” leads users to a convincing fake website.
- This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: