Internal Tax Service QuickBooks Online Support
December 12, 2019 8:17 PM Subscribe
Should I be worried that this company is not legit?
Last week, I took over the bookkeeping for a nonprofit and had trouble logging in with the passwords I was given. I called QuickBooks Support and they gave me a different phone number to call for QuickBooks Online Support. At that number, I received a recording that said I needed to terminate the call and log into my account online to access Help. I searched again for QuickBooks Online Support and came up with a number for a company called Internal Tax Service who provided tech support for all QuickBooks products. Over 2 nights and at least 2 hours I worked with a tech and was finally able to log in. Then he told me and showed me what looked like a split app/source file screen with “47 corrupt files.” He said if it reached 50, all the company files would be lost. He offered a $499 one-time repair fee good for 30 days or $600 for 1 year of support. When I replied that it is a nonprofit organization and I didn’t think they could afford that, he lowered the price to $299.99 one-time or $449.99 for 1 year. I explained that it would have to be a board decision. He asked if he could call back Friday; I said yes. The more I think about it and after I Googled the business name, I suspect it could be a scam.
The phone numbers involved were:
QuickBooks Support: 1-800-294-0640
QuickBooks Online Support: 1-800-446-8848
My call to Internal Tax Service: 1-844-294-0640
Call back from Internal Tax Service: 1-877-465-0280
Call back numbers provided by Internal Tax Service tech: 1-800-270-9908 / 1-877-846--8003
My OS: Windows 10 Home
TL/DR: Does anyone know anything about a company called Internal Tax Service? If I thank them for their diagnostic help but tell them our nonprofit can’t pay for a “corrupt files repair,” or simply don’t answer their calls, can they hack into my IP address and sabotage the QuickBooks Online account and/or my Wi-Fi network? I never gave them the password to my Wi-Fi but I gave them permission to access my PC through Team Viewer. I created a new QB password and set up a new email account while working with them remotely. Could they have viewed the passwords as I was typing even though they weren’t visible to me? Should I be worried?
Last week, I took over the bookkeeping for a nonprofit and had trouble logging in with the passwords I was given. I called QuickBooks Support and they gave me a different phone number to call for QuickBooks Online Support. At that number, I received a recording that said I needed to terminate the call and log into my account online to access Help. I searched again for QuickBooks Online Support and came up with a number for a company called Internal Tax Service who provided tech support for all QuickBooks products. Over 2 nights and at least 2 hours I worked with a tech and was finally able to log in. Then he told me and showed me what looked like a split app/source file screen with “47 corrupt files.” He said if it reached 50, all the company files would be lost. He offered a $499 one-time repair fee good for 30 days or $600 for 1 year of support. When I replied that it is a nonprofit organization and I didn’t think they could afford that, he lowered the price to $299.99 one-time or $449.99 for 1 year. I explained that it would have to be a board decision. He asked if he could call back Friday; I said yes. The more I think about it and after I Googled the business name, I suspect it could be a scam.
The phone numbers involved were:
QuickBooks Support: 1-800-294-0640
QuickBooks Online Support: 1-800-446-8848
My call to Internal Tax Service: 1-844-294-0640
Call back from Internal Tax Service: 1-877-465-0280
Call back numbers provided by Internal Tax Service tech: 1-800-270-9908 / 1-877-846--8003
My OS: Windows 10 Home
TL/DR: Does anyone know anything about a company called Internal Tax Service? If I thank them for their diagnostic help but tell them our nonprofit can’t pay for a “corrupt files repair,” or simply don’t answer their calls, can they hack into my IP address and sabotage the QuickBooks Online account and/or my Wi-Fi network? I never gave them the password to my Wi-Fi but I gave them permission to access my PC through Team Viewer. I created a new QB password and set up a new email account while working with them remotely. Could they have viewed the passwords as I was typing even though they weren’t visible to me? Should I be worried?
Best answer: Unfortunately, this is a scam. You should chance the passwords on the QuickBooks account and run some anti-malware software on your computer (MalwareBytes and AVG have free versions that are fine). Here is some information on TeamViewer and scams and you can report a scam to them here.
posted by jessamyn at 8:30 PM on December 12, 2019
posted by jessamyn at 8:30 PM on December 12, 2019
He asked if he could call back Friday; I said yes. The more I think about it and after I Googled the business name, I suspect it could be a scam.
Yes, this was definitely an attempted scam and not a real business. If they call you back, hang up.
I searched again for QuickBooks Online Support and came up with a number for a company called Internal Tax Service who provided tech support for all QuickBooks products.
This is where things went wrong, I think. Nobody but Intuit (the company that runs QuickBooks) has any way of getting you access to a QuickBooks account. Anything you read that said otherwise is lying to you.
If "Internal Tax Service" was somehow affiliated with Intuit, you would expect their company to at least be mentioned somewhere on Intuit's website, but it isn't.
Here's the official page for recovering access to an Intuit account.
I never gave them the password to my Wi-Fi but I gave them permission to access my PC through Team Viewer. I created a new QB password and set up a new email account while working with them remotely. Could they have viewed the passwords as I was typing even though they weren’t visible to me? Should I be worried?
There's no way to know for sure what they were able to see. If they were opening files and running programs while your computer was under their control, they would have had countless opportunities to install malware which would then allow them to log keystrokes, steal your data, and so on.
I can tell you that if this happened to me, I would first reformat the computer. Then I would immediately change the passwords to every single account whose password had been typed on that computer since the TeamViewer session, as well as any critical accounts (bank accounts etc.) that someone with access to my email account might have been able to indirectly get into by requesting a password reset email.
posted by teraflop at 8:37 PM on December 12, 2019 [6 favorites]
Yes, this was definitely an attempted scam and not a real business. If they call you back, hang up.
I searched again for QuickBooks Online Support and came up with a number for a company called Internal Tax Service who provided tech support for all QuickBooks products.
This is where things went wrong, I think. Nobody but Intuit (the company that runs QuickBooks) has any way of getting you access to a QuickBooks account. Anything you read that said otherwise is lying to you.
If "Internal Tax Service" was somehow affiliated with Intuit, you would expect their company to at least be mentioned somewhere on Intuit's website, but it isn't.
Here's the official page for recovering access to an Intuit account.
I never gave them the password to my Wi-Fi but I gave them permission to access my PC through Team Viewer. I created a new QB password and set up a new email account while working with them remotely. Could they have viewed the passwords as I was typing even though they weren’t visible to me? Should I be worried?
There's no way to know for sure what they were able to see. If they were opening files and running programs while your computer was under their control, they would have had countless opportunities to install malware which would then allow them to log keystrokes, steal your data, and so on.
I can tell you that if this happened to me, I would first reformat the computer. Then I would immediately change the passwords to every single account whose password had been typed on that computer since the TeamViewer session, as well as any critical accounts (bank accounts etc.) that someone with access to my email account might have been able to indirectly get into by requesting a password reset email.
posted by teraflop at 8:37 PM on December 12, 2019 [6 favorites]
So, in the interests of sparing you future suffering, let's run through the red flags here:
* Entity obviously named to suggest some kind of affiliation with the government
* I'm sure that if you looked at the actual URL you found on the search, it would be named in such a way to suggest affiliation with the product without actually being an official company site (e.g., quickbooks.techhelp.com)
* Guy claims to have found unexpected mysterious technical problems (you just needed a login, why would there be corrupt files?)
* Guy gives you weird arbitrary deadline for disaster, using data that sounds somehow Official and Serious ("50 files")
* He was undoubtedly going to ask you for the payment in a non-cancellable form like a gift card
These are all basic characteristics of scams of all kinds.
Congratulations, though, you didn't actually lose any money! You listened to your doubts and delayed action (the #1 thing they try to get you not to do). You did better than many (including my mom, unfortunately).
Also, while I would change passwords and run MalwareBytes as suggested above just for peace of mind, these operations are usually too elaborate for just building botnets. They're trying to get those sweet $600 Visa giftcards. (Ever wonder why your Target has those signs warning you about not buying giftcards for random strangers? This is one of the scams they're concerned about.)
posted by praemunire at 9:34 PM on December 12, 2019 [1 favorite]
* Entity obviously named to suggest some kind of affiliation with the government
* I'm sure that if you looked at the actual URL you found on the search, it would be named in such a way to suggest affiliation with the product without actually being an official company site (e.g., quickbooks.techhelp.com)
* Guy claims to have found unexpected mysterious technical problems (you just needed a login, why would there be corrupt files?)
* Guy gives you weird arbitrary deadline for disaster, using data that sounds somehow Official and Serious ("50 files")
* He was undoubtedly going to ask you for the payment in a non-cancellable form like a gift card
These are all basic characteristics of scams of all kinds.
Congratulations, though, you didn't actually lose any money! You listened to your doubts and delayed action (the #1 thing they try to get you not to do). You did better than many (including my mom, unfortunately).
Also, while I would change passwords and run MalwareBytes as suggested above just for peace of mind, these operations are usually too elaborate for just building botnets. They're trying to get those sweet $600 Visa giftcards. (Ever wonder why your Target has those signs warning you about not buying giftcards for random strangers? This is one of the scams they're concerned about.)
posted by praemunire at 9:34 PM on December 12, 2019 [1 favorite]
Could they have viewed the passwords as I was typing even though they weren’t visible to me? Should I be worried?
Yes and yes.
I agree with teraflop about what's possible, with praemunire about what's likely, and with jessamyn on the best things to do first.
In addition, in your shoes I'd find out exactly which files on my PC's hard disk contained current and archival Quickbooks financial information about my nonprofit; I'd back all of those up twice, with a complete set on each of two clean USB sticks, using Windows Explorer rather than Quickbooks; then I'd get two more clean USB sticks and use the Quickbooks internal backup process to make backups of the current company files onto those.
posted by flabdablet at 3:17 AM on December 13, 2019 [1 favorite]
Yes and yes.
I agree with teraflop about what's possible, with praemunire about what's likely, and with jessamyn on the best things to do first.
In addition, in your shoes I'd find out exactly which files on my PC's hard disk contained current and archival Quickbooks financial information about my nonprofit; I'd back all of those up twice, with a complete set on each of two clean USB sticks, using Windows Explorer rather than Quickbooks; then I'd get two more clean USB sticks and use the Quickbooks internal backup process to make backups of the current company files onto those.
posted by flabdablet at 3:17 AM on December 13, 2019 [1 favorite]
Then he told me and showed me what looked like a split app/source file screen with “47 corrupt files.” He said if it reached 50, all the company files would be lost.
Corrupt files are common on computers. They might not mean anything at all. I'm not saying they're nothing to worry about, I'm just saying you can't tell whether to worry just because they're present. And someone saying there's a magic number of 50 where beyond that things are irreparable is simply taking advantage of your ignorance. I have been on computers with thousands of corrupt files without any undue pain and suffering.
Not to mention the fact that just because his program said there were 47 corrupt files doesn't mean there actually were.
posted by ubiquity at 6:07 AM on December 13, 2019 [1 favorite]
Corrupt files are common on computers. They might not mean anything at all. I'm not saying they're nothing to worry about, I'm just saying you can't tell whether to worry just because they're present. And someone saying there's a magic number of 50 where beyond that things are irreparable is simply taking advantage of your ignorance. I have been on computers with thousands of corrupt files without any undue pain and suffering.
Not to mention the fact that just because his program said there were 47 corrupt files doesn't mean there actually were.
posted by ubiquity at 6:07 AM on December 13, 2019 [1 favorite]
Do you have IT support at your non-profit? I would tell them what happened and have them handle checking for any backdoors or whatever the scammers might've left in your computer. It sounds like you're not necessary super tech savvy, which is fine, but you need someone who understands computer security to ensure they haven't set ways to get into your email, etc.
>Then he told me and showed me what looked like a split app/source file screen with “47 corrupt files.” He said if it reached 50, all the company files would be lost.
This isn't how computers work. There is no magic number where you lose everything. This person was preying on your lack of computer knowledge, unfortunately. Next time you have trouble logging into something, I might check with the IT department to recover the passwords.
posted by AppleTurnover at 1:38 PM on December 13, 2019
>Then he told me and showed me what looked like a split app/source file screen with “47 corrupt files.” He said if it reached 50, all the company files would be lost.
This isn't how computers work. There is no magic number where you lose everything. This person was preying on your lack of computer knowledge, unfortunately. Next time you have trouble logging into something, I might check with the IT department to recover the passwords.
posted by AppleTurnover at 1:38 PM on December 13, 2019
Response by poster: Thank you everyone! I took all your advice - changed passwords, ran malware software, am taking the PC to a computer repair shop tomorrow to get scanned or whatever, and blocked "the tech's" phone number. Sabotaging the nonprofit's bank account and PC is not an impressive way of beginning my new volunteer bookkeeping position!
posted by Gertrude McFuzz at 4:44 PM on December 13, 2019 [1 favorite]
posted by Gertrude McFuzz at 4:44 PM on December 13, 2019 [1 favorite]
« Older Issues in Real Estate Development for Activists... | Supernatural horror film recommendations Newer »
This thread is closed to new comments.
posted by theodolite at 8:23 PM on December 12, 2019 [3 favorites]