Recognize Suspicious Email & Websites


On the Internet, "phishing" refers to criminal activity that attempts to fraudulently obtain sensitive information. There are several ways a fraudster will try to obtain sensitive information such as your social security number, driver's license, credit card information, or bank account information, often luring you with a sense of urgency.  Sometimes a fraudster will first send you a benign email (think of this as the bait) to lure you into a conversation and then follow that up with a phishing email.  At other times, the fraudster will just send one phishing email that will direct you to a website requesting you to enter your personal information such as User ID and Password.

Recognizing a fake

Here are some questions to ask if you think you have received a phishing email.  You can use these same questions if you receive a vishing or smishing message:  

  1. Do you know the sender of the email? If yes, continue to be cautious before clicking a link.  If no, do not click any links.
  2. Have you checked the link? Mouse over the link and check the URL.  Does it look legitimate or does it look like it will take you to a different website?
  3. Does the email contain grammatical errors? If so, be suspicious.
  4. Are there any attachments in the email?  If so, do not click on the attachment before contacting the sender to verify its contents.
  5. Does the email request personal information?  If so, do not reply.
  6. If you have a relationship with the company, are they addressing you by name? 

You can also go to Security Alerts where all known phishing emails targeting the Intuit brand are posted.  If you find a similar email, please delete the email you received as well as remove it from your trash. There are no further steps necessary; however, if you do not find a similar email, please click here to submit a suspicious email report.

Our commitment to you:

What we won't do

  1. We will never send you an email with a "software update" or "software download" attachment. When it is time to tell you about an update, we will give you instructions on how to manually update from the product or direct you to enter the website name. Some of our products have an “auto-update” feature, which is the preferred method.
  2. We will never send you an email asking you to send us your login or password information.
  3. We will never ask you for your banking information or credit card information in an email. 
  4. We will never ask you for confidential information about your employees in an email.

What we will do

  1. We will provide you with instructions on how to stay current with your Intuit product, and we will provide you with information on how to securely download an update from your computer.
  2. If we need you to update your account information, we will request that you do so by logging into your account or calling an established (or verifiable) Intuit number.