The time had come! Our QuickBooks Desktop version was expiring and we needed to decide whether to stay with the desktop version or move to QuickBooks Online. I was really excited about making the switch to online! This would mean being able to access insight180 work remotely, also allowing our accountant to access remotely and giving us the capability to offer direct deposit to our employees. Gone would be the days of having to be physically “with” the computer designated as the QB computer. OK, maybe not exciting to everyone, but I love streamlining!
As with any change in technology, my methodology is always, do lots of research beforehand and then, talk to the experts. I knew the product was beneficial from a workflow standpoint but needed to make sure going online was also cost-efficient. I looked up the QB tech support number and called it, expecting that this would take a while. I got my coffee and settled in. Stefan was the gentleman I reached and he asked for our QB ID #, my name, business, address, phone, all the expected identifying information. I told him that we were considering our options and asked him many clarifying questions. Mainly, cost comparison with renewing QB Desktop and QB Online. Meanwhile, we had been having problems with an upgraded QB Desktop version, so he asked if he could remote in and just check on our QB files and make sure it could all be migrated over easily. We connected and he ran a diagnostic tool to check on everything, it seemed like due diligence to run a diagnostic report. Once that was complete, there was a troubling message on the screen saying that 34% of the files were corrupt. He asked if he could put me on hold so he could ask his supervisor about the problem.
Once he returned to the line, he shared that his supervisor did some investigating and discovered that we didn’t have extra support coverage and that if we tried to migrate to QB Online, he couldn’t guarantee all of the files would transfer successfully. He suggested that to keep our files intact, we should probably stay with the Desktop version and add extra protection. So far, this sounds like every tech support service call we’ve ever been on, we even heard sounds like it was a call center!
He had the details: It would take between 90-120 minutes to repair the files and would actually end up costing us less than the online version since this would be paid one time annually. He had a 3-year plan, a 5-year plan and a 10-year plan. All of which would save us money in the long run. He put me on hold again to check with his supervisor to see if he could do any better on the price since we had been a customer for so many years.
And then…I was thinking…how do we not have a security plan for our QB? I know that Wendy is very security conscious! So while on the phone with him, I looked back at our QB agreement. I found that we had what looked like a data protection plan. So what he told me was not accurate. I asked him (in a very accusatory manner) how he could have quoted us a price for something we already had?
I decided to get off the phone with him and talk with Wendy to make sure we were on the same page. He said he would hold while we talked and I told him I would just call him back. He gave me a case number and said that anyone who answered the phone could help me. I asked for an email, he said he didn’t have a specific email but gave me his INTUIT employee ID (parent company of QB). Oddly enough, when we called back, he immediately answered the phone.
Wendy had joined me and we were on the phone with him, ready to go forward with a 3-year plan. When she logged into Intuit on another computer, she found that none of Stefan’s quotes added up. All of these circumstances provoked me to “google” the phone number. Heart sinking, I read that this number was a potential scam. We quickly got off the phone, disconnected from the screen sharing and called a legit Intuit representative from our actual account.
Feeling like we just dodged a bullet, we had to autopsy what had just happened and to figure out how to avoid this situation in the future. So, sharing with you some tips:
First, ask for an email address. If they can’t give you one, tell them you’ll call them back and look up any information they have given you. Second, they should always read a disclosure statement if they want to screen share with you. Of course, I didn’t know this until afterward but now it seems pretty obvious. Third, trust your gut. If something seems off, don’t hesitate to disengage and let them know you will call them back later, even if you don’t intend to do so.
After passwords were changed, files were checked and we followed up again with Intuit, they confirmed, too, that their representatives will never ask for passwords or security-related information.
Finally, we reported the information to the FTC. The FTC takes the phone numbers you report and releases them to the public each business day. This helps phone carriers and other partners that are working on call-blocking and call-labeling solutions. Your reports also help law enforcement identify the people behind illegal calls. https://ftc.gov/complaint
In addition to reporting the scam to the FTC, a new program called the Cyber SWAT Team, created by the Cybersecurity Association of Maryland Inc. (CAMI), allows companies in Maryland to share information on the kinds of cyber threats they are facing now (due to increased teleworking and cyber threats), and consult with the experts on how to respond to a hack. Many businesses don’t know who to call or where to start in the event of a hack. That’s where the “SWAT Team” of experts comes in. CAMI has also provided additional webinars and tips, to help local companies that may be seeking some extra guidance on what their employees should or shouldn’t be doing while working from home. For more information visit: https://www.mdcyber.com/cyber_swat_team.php
–Nikole McWright, office manager
