Attackers impersonating Quickbooks on the Microsoft 365 platform create a sense of urgency to compel their victims to “promptly” pay fake invoices allegedly from a legitimate vendor, thereby opening them up to a future malicious act.

Such phishing attacks are growing increasingly common, according to blog post from researchers at Abnormal Security who have observed 900 “attacks in the mailboxes of over 20 different customers,” with the expectation that the rate will continue to tick upward as users flock to Quickbooks online services.

These latest attacks use spoofing to bypass traditional mail filters and gain legitimacy, sending emails that seem to originate from [email protected]. The bad actors then prompt recipients to click on “Review and Pay,” which redirects them to http://parkburgerkuwait.com/loss[dot]php.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.