Learn how to recognize official Intuit correspondence and websites.
Phishing, spam, spoofing, or hoaxing emails are a huge problem today. The best protection against these security risks is awareness and prevention.
Table of contents:
Spot fake emails
Suspicious emails can sometimes be a scheme to get you to share your personal info. These scams come in different forms, but often look pretty convincing. Here are a few things to look for if you’re not sure an email came from Intuit.
- We’ll never ask for your personal info in an email.
- Our emails will always come from an email address that ends with @intuit.com. This includes @e.intuit.com.
- Any link we send you in an email will always be for an intuit.com address.
Check out our online security tips to help you keep your information safe.
Got an Intuit email you aren't sure about? Check out our security notices for details of suspicious emails reported by other Intuit customers.
Suspicious emails will say they are from Intuit and may ask you to take actions like logging in, providing personal information, or downloading 'tools'. If you have received one of these emails, don't open it or access any of the links. Go to the Intuit Online Security Center for more information.
Identify an official Intuit website
All official Intuit websites end in *intuit.com. A few examples include quickbooks.intuit.com, proconnect.intuit.com, and accountants.intuit.com.
Stay aware: Check out the latest information from Intuit or report an issue
Go to the Online Security Center page to see how we protect your data and how you can protect yourself from email scams and other security risks.
Got an Intuit email you aren't sure about? Check out our security notices for details of suspicious emails reported by other Intuit customers.
To report a Phishing attempt see here.
Our security commitment to you
- We'll never send you an email with a "software update" or "software download" attachment.
- We'll never send you an email asking you to send us sign-in or password information.
- We'll never ask you for your banking information or credit card information in an email.
- We'll never ask you for confidential information about your employees in an email.
Security is a team effort
When you notify us about suspicious emails, it helps keep everyone protected. When we work together, as a team, we make our environment a safe, secure place to do business.
Data Security Tips for Tax Professionals from the IRS:
Protect Your Clients; Protect Yourself
The IRS and the Security Summit Working Group have created a Data Security Resource Guide to help Tax Professionals protect taxpayer's data. You can download a copy at IRS.gov/ProtectYourClients
Here's a sampling from the Data Security Resource Guide:
- Learn to recognize phishing emails, especially those pretending to be from the IRS, e-Services, a tax software provider or cloud storage provider. Never open a link or any attachment from a suspicious email. Remember: The IRS never initiates initial email contact with tax pros about returns, refunds or requests for sensitive financial or password information
- Create a data security plan using IRS Publication 4557, Safeguarding Taxpayer Data, and Small Business Information Security – The Fundamentals, by the National Institute of Standards and Technology.
- Review internal Controls
- Install anti-malware/anti-virus security software on all devices (laptops, desktops, routers, tablets and phones) and keep software set to automatically update.
- Use strong and unique passwords of 8 or more mixed characters, password protect all wireless devices, use a phrase or words that are easily remembered and change passwords periodically.
- Encrypt all sensitive files/emails and use strong password protections.
- Back up sensitive data to a safe and secure external source not connected fulltime to a network.
- Wipe clean or destroy old computer hard drives and printers that contain sensitive data.
- Limit access to taxpayer data to individuals who need to know.
- Check IRS e-Services account weekly for number of returns filed with EFIN.
- Report any data theft or data loss to the appropriate IRS Stakeholder Liaison
- Stay connected to the IRS through subscriptions to e-News for Tax Professionals, QuickAlerts and Social Media
