More Quickbooks scams are making an appearance with a special guest of malicious Google ads. Let’s learn what to look for. Malwarebytes, a leading cybersecurity solutions company, reports on two different Quickbooks scams, one involving malicious pop-ups and the other being malicious Google ads. Both the malicious pop-ups and malicious Google ads direct the victim to call a phone number for Quickbooks customer support.
How it operates
These scams involve the victim actively searching Google for Quickbooks downloads. The victim will either download what appears to be Quickbooks but is actually malware or they will go to a spoofed Quickbooks website and find the support phone number. Both scams want to trick the user into calling the support phone number, but the pop-up scam goes a step further.
Pop-up uh ohs
That’s right, the pop-up scam adds extra fright into tricking the victim. The pop-up has a message stating the victim’s Quickbooks data is corrupted, missing, or damaged. The pop-up then says to call the support number found in the pop-up itself. The victim being worried their data is not accessible then calls the phony support number.
The payoff
So the scam pushes the victim to call that phony support number, but why? Well, once the victim calls they will get the best customer support service they have probably ever had. The customer service will also ask for the victim to download a tool to allow remote access control of the computer. Once the cybercriminal is successful in having the victim install the remote access malware, they will most likely install other malware. They will also ask for payment from the victim for fixing their Quickbooks issues, despite no real issue ever existing.
What you can do
Always always always scrutinize the top search results and ads on any search engine before clicking. We have written about fake Google ads and their risks before here at Small Business, Big Threat. Another thing to keep in mind, very rarely will a support service ever ask for remote access to your computer. If they do, a red flag should be raised. If you do fall victim, call your financial institute immediately to hopefully stop the payment and also disconnect your computer from the internet. You can then notify the Michigan State Police Michigan Cyber Command Center (MC3) and file a report with them, if you choose. They may also be able to help recover any lost money, among other things.
Subscribe to our monthly email newsletter to keep your small business up-to-date on all the latest cybersecurity news! For more information on protecting your small business from cyberattacks and other cybersecurity topics check out Small Business, Big Threat!