Web Analytics Made Easy -

Blog posts of '2018' 'July'

Spam Warning: Automated Intuit Notification

Spam Warning: Automated Intuit  Notification


This email has been spotted this week:




From:                                                       Intuit Inc. <quickbooks@busek.com>

Sent:                                                         Tuesday, July 17, 2018 3:28 PM

To:                                                            Recipient

Subject:                                                   Automated Intuit  Notification



Stop waiting weeks for checks to arrive.


Intuit QuickBooks


Dear customer,

 This message has been sent to you by Intuit Inc. Make sure you click on the web link listed below to view Invoice details.

Your Invoice ID: INV15725381 has been settled and available below.

See your receipt

We appreciate your business with us and thank you for working with Intuit.


Need help?.

Call 800-267-3519

Talk to a Pro






Download the QuickBooks App for iOS on the App store

Get the QuickBooks App for Android on Google Play





Intuit and ProConnect are brand marks of Intuit.

Terms and conditions, pricing and service options are subject to change without the need of notification.

Personal privacy.

2008-2018 Intuit Services Inc..  All rights reserved..
1600 W. Commerce Center Place, Tucson, AZ 85506


TrustE Verified


The originating email is obviously wrong - Busek.com


The 'See you receipt' link takes you to: http://njdiscrim.com?3Xf80q=QAUSY1CQVUFS1QXOBsGSJTHS


Which is obviously not an Intuit Quickbooks link, they have not bothered with a certificate or any other measures to fein authenticity.


The offending website has already been removed so no immediate danger.


Most of the Intuit company links are as they would have been originally.

Spam Warning: Apple Alert Regarding Your Recent Purchase

Spam Warning: Apple Alert Regarding Your Recent Purchase


This email has been seen by a number of people this week - it is not a particularly convincing one, but it deserves to be mentioned in case it may cauase any damage...

The email appears as:




From:                                                       Apple Inc <[email protected]>

Sent:                                                         Thursday, July 12, 2018 7:22 PM

To:                                                            Recipient

Subject:                                                   Apple Alert Regarding Your Recent Purchase









Recent Order





Your Apple ID was just used to purchase from Apple Online store on a device that hadn't previously been related with your ID. You may be getting this e-mail if you reset your password since your previous order.
If you placed this order, you can disregard this e mail. It was only sent notify to you in case you didn't make the purchase yourself.

See Details Here

In case you did not make this purchase, we highly recommend that you go to  to modify your security password, then see Apple ID: Security and your Apple ID for additional assistance

All the best,
Apple Team








Apple ID Summary     Terms of Sale     Privacy Policy




Copyright 2018 Apple Inc.,




The email addres obviously doesn't stack as it is from [email protected] and not Apple and the link described as see details here is pointing to http://dryerventwizarduniversity.mobi?3I=QIUBNYQASHUBQYUDP which again isn't a very convincing domain as it doesn't even have Apple in it.

If you do click the link you are taken to a non-existant website and so the email can do no harm:

No such site

Either way this email shoudl be marked as spam and the address marked as a spam source.

The IdealOfficeInc.com has no SPF record: 

No SPF for domain


and so this may well be why it was chosen. SPF (Sender Policy Framework) is a simple way of informing other email servers of which IP addresses your emails are likely to originate from and not having one means that poeple are more likely to spoof your address as we see in this case.

At sircles we would always advise having a full SPF and DKIM/DMARC set of records to stop spammers impersonating you.

Spam Warning: OnlineInvoices Automated Service Notice

Spam Warning: OnlineInvoices Automated Service Notice


This email has been seen both this week and last week, and is obviously a phishing attack.

The email itself looks fairly harmless,but there is a real company by this name that sends out invoices and so customers could easily be duped.

 OnlineInvoices Spam


The HTML version is as follows:




From:                                                       OnlineInvoices Inc All Rights Reserved. <[email protected]>

Sent:                                                         Thursday, June 28, 2018 7:15 PM

To:                                                            Receipent

Subject:                                                   OnlineInvoices Automated Service Notice




Online Invoices


Invoice Notice





The following payment notification is sent to you by OnlineInvoices Inc from Alliance One. Please click the link below to see an invoice







2012-2018 OnlineInvoices. All rights reserved
Izam Inc. , 2851 Centerville Ave., Suite 300, Wilmington, DE 19805





Now the link 'See Invoice' actually points to: http://itzzs.net?7l=QAUSY1CQVUFS1QXOBsGSJTHS which is sort of dangerous as the original company was started by Izzam group which sort of resembles this link, but if you are being careful you will notice that this link is bogus before proceeding too much further.

We can also see that the originating email address is: [email protected] which is obviously incorrect.

If we attempt to visit the site, we can see that it has already been shut down:

Itzzs.net site shut down


And so no longer poses a threrat.

Please do report these emails as spam as well as this site if you get the chance.

You can see how here: https://blog.sircles.net/post/2018/05/17/reporting-fraudulent-websites-with-your-browser