Cyber criminals are currently targeting Intuit QuickBooks customers by sending phishing emails that encourage the recipient to click on a link and share personal information.

Phishing is a cybercrime designed to lure you into disclosing personal information or to expose you to downloads of malware that will infect your computer. Communication impersonates real companies and comes in various guises including emails, websites and phone calls.

What to look out for

We have been alerted to several QuickBooks related phishing emails currently in circulation. Examples include:

Tax exemption transactions

This email refers to tax exemption transactions being excluded from the VAT return for deleted transactions between 8 May and 9 June 2022. It states that an adjustment is required to correct this, including a link to click on to rectify the ‘issue’.

Gift card redemption

A phishing email that asks if you would like to ‘win a £300 gift card’.

However, these are not the only phishing scams that have been reported to QuickBooks. As phishing emails continue to increase in frequency, it is important to stay mindful of all requests and communications that you receive.

How to identify genuine communication

Although phishing emails can look very convincing, there are a few key points that will help you to determine if it is legitimate contact.

  • Intuit will never ask for your personal information in an email;
  • Emails will always come from an address that ends with, this includes; and
  • Any link that is sent will always be from an address.

Take a look at some online security tips from QuickBooks to help keep your information safe.

Action to take

If you receive a similar email, or any communication that raises concern, do not click on any links or attachments or reply to the email.

Quickbooks can help determine if the email is from them or a possible phishing email that needs to be forwarded to their security team for assessment.

Contact QuickBooks here.

You can also report phishing emails to the National Cyber Security Centre, by forwarding them to