Phishing - Intuit Payroll Notices
About a year ago, I had several payroll-related phishings, about an urgent issue with direct deposit. It had my full name in the email and used an Intuit email address. It even had the Intuit logo in it and looked very authentic.
From: Intuit Payroll Services <IntuitPayrollServices@payrollservices.intuit.com
Subject: Action Required: Your bank returned the Direct Deposit Service debit
Direct Deposit Service Communication
Action Required
Dear Client
Your bank returned the Direct Deposit Service debit for the payroll dated March 4, 2019 in the amount of $12,260.09 due to Insufficient Funds.
Automatic Redebit on March 13, 2019
$12,260.09 + $100.00 Intuit Handling Fee
Intuit will automatically attempt to redebit your company bank account for the above amount on March 13, 2019. All of your services will remain suspended until March 15, 2019, assuming the funds are successfully collected.
Please follow instructions to resolve this problem.
We appreciate your business and prompt action in resolving this matter.
Sincerely,SBD Risk Management
Intuit Payroll Services
I did not think I had any issues with payroll accounts, so it immediately put me on the defensive. Just like with all bank information, I do not follow links in emails, but will go to the website directly to login and see if there are any issues. The “follow instructions” link did not take you to Intuit. I was able to see the address of the hyperlink by hovering over it with my mouse. It appears on the left bottom corner of the window (Windows 10). No doubt that this email at some point may have been original to Intuit, but it was repurposed now. Some of the other links in the email did direct you to Intuit. However, the copyright date for Intuit at the bottom of the email was 2013.
At any rate, I do not blame Intuit or QuickBooks for any of these phishings or scams. I am sure they are working to shut down any such misuse of their name. To help Intuit get a handle on these kind of emails, forward them to spoof@intuit.com, so they can have a record of this occurring, and maybe shutdown wherever they are coming from. Always go through your known website channels, like logging into Intuit or QuickBooks directly, and never click on this kind of link. Again, a healthy dose of skepticism saves the day.
