QuickBooks HelpQuickBooksHelpIntuit

Identify suspicious activity and phishing scams

by Intuit•216• Updated about 12 hours ago

Phishing, spam, and spoofing are schemes used to steal personal or account information. Fraudsters sometimes impersonate companies like Intuit. They may use email, text messages (SMS), phone calls, or fake websites. These messages can look legitimate. They often use urgent language to pressure you into clicking a link, downloading an attachment, or giving sensitive information such as your password. You can protect your data by learning how to identify official Intuit communications, spot fake messages, and follow security best practices.

What is phishing?

Phishing is fraud where attackers send emails or messages that appear to come from a trusted company. The messages may contain urgent or alarming language. They may include links to fake sign-in pages or ask for login credentials or verification codes. They often mimic real company branding. Fraudsters are typically trying to capture your password, bypass account protections, access financial or personal data, or install malicious software.

Identify official Intuit resources

Official Intuit emails and websites follow specific domain patterns. Use these to check if something is legitimate:

  • Email addresses: Intuit emails come from an address that ends with @intuit.com (for example, @account.intuit.com).
  • Website URLs: Official Intuit websites end in intuit.com. Examples include quickbooks.intuit.com, e3.intuit.com, and click.notifications.intuit.com.
  • Links: Links in Intuit emails will point to an intuit.com address.

Be wary of slightly altered domain names that look like intuit.com but aren't.

Spot fake emails and scams

Suspicious emails often look convincing but are meant to trick you into sharing personal information. Watch for:

  • Misspelled or unusual sender addresses.
  • Slightly altered or unusual domain names.
  • Generic greetings like “Dear Customer”.
  • Unexpected attachments.
  • Requests for passwords, verification codes, or other sensitive information.
  • Urgent or alarming language (e.g. “Immediate action required”).
  • Poor grammar or odd formatting.

Some phishing messages closely mimic real Intuit branding. When in doubt, sign in directly through the official website to check your account. Don’t use links in the email. What Intuit will never do:

  • Ask for personal information, sign-in or password details, banking or credit card information, or confidential information about your employees in an email.
  • Send emails with “software update” or “software download” attachments.
  • Ask for your password via email, request your verification code outside the normal sign-in process, or ask you to send sensitive financial information in unsolicited messages.

Warning: If an email asks you to log in, provide personal information, or download “tools,” do not open it or use any links in it.

Avoid customer support scams

Some fraudsters claim there is a problem with your computer and offer to fix it to get access to your money or files. Intuit will not contact you to fix a problem with your computer.

Protect yourself from phishing and fraud

Don’t click unexpected emails. If you weren’t expecting the message, avoid clicking links or downloading attachments. Phishing links can send you to fake sites that capture your password or install malware. Instead of following links in an email, open a new browser window and type the official website address yourself. That way you know you’re on the real site. When in doubt, delete it. Phishing often uses urgency so you act without thinking. Deleting removes the chance of an accidental click. If the message was legitimate, you’ll usually see the same notice after signing in on the official site. Some best practices:

  • Use strong passwords on your computer and sensitive files. Never share passwords.
  • Install antivirus software, use a current browser, and keep your operating system and software updated.
  • Don’t open attachments unless you know the sender and were expecting the file.
  • Don’t respond to emails asking for account details, passwords, or banking information.

What to do if you clicked a suspicious link

If you clicked a suspicious link or entered your login information, act quickly:

  1. Change your password immediately if you entered it on a suspicious site. That stops anyone who captured it from continuing to use it.
  2. Turn on Multi-Factor Authentication (MFA) or a Passkey if you haven’t already. Changing your password is important. Enabling MFA or Passkey adds a second layer and is one of the most effective ways to reduce the risk of someone using stolen credentials.
  3. Review your account activity by signing in directly on the official website. Check for unfamiliar transactions, profile or settings changes, or new or changed users.
  4. Run antivirus or security software on your device. Some phishing links install malware that can steal passwords or monitor activity.
  5. Consider re-imaging or resetting your device (restoring it to factory settings) if malware is found or you suspect compromise. Some malware can hijack active sessions so attackers can use your account without your password again. A full reset or re-image can remove that. If you’re not sure how to do it safely, contact a trusted IT professional.
  6. Contact Intuit Support if you see unauthorized transactions or changes you didn’t make. Reporting quickly helps with investigation and limiting damage.

Intuit's security commitment

Intuit provides instructions on how to keep your product up to date and how to download updates securely. If you need to update account information, Intuit will ask you to do it by signing in to your account or contacting Intuit directly.

Report suspicious activity

If you think you received a phishing email that misuses the Intuit brand:

  • Do not click any links or open attachments.
  • Forward the email to security@intuit.com.
  • Delete the message from your inbox and trash.

To help stop similar scams and protect other customers, report the email even if you didn’t click anything:

  1. Go to the Intuit Online Security Center.
  2. Scroll to the Security section to learn how to report a security issue.

Note: Intuit Support can help you decide whether an email is legitimate or should be forwarded to the security team.

Contact Support

Intuit Accountant SuiteQuickBooks Accountant Desktop PlusQuickBooks Desktop Enterprise AccountantQuickBooks Desktop Enterprise DiamondQuickBooks Desktop Enterprise GoldQuickBooks Desktop Enterprise PlatinumQuickBooks Desktop Mac PlusQuickBooks Desktop Payroll AssistedQuickBooks Desktop Payroll BasicQuickBooks Desktop Payroll EnhancedQuickBooks Desktop Payroll StandardQuickBooks Desktop Premier PlusQuickBooks Desktop Pro PlusQuickBooks GoPaymentQuickBooks LedgerQuickBooks Online AccountantQuickBooks Online AdvancedQuickBooks Online App for AndroidQuickBooks Online App for iOSQuickBooks Online EssentialsQuickBooks Online FreeQuickBooks Online LiteQuickBooks Online Payroll CoreQuickBooks Online Payroll EliteQuickBooks Online Payroll PremiumQuickBooks Online PlusQuickBooks Online Simple StartQuickBooks Payments for DesktopQuickBooks Payments for OnlineQuickBooks Self-EmployedQuickBooks Self-Employed Mobile for AndroidQuickBooks Self-Employed Mobile for iOSQuickBooks SolopreneurQuickBooks Solopreneur PlusQuickBooks Time Elite