BBB Warns of New Phishing EMail Scam

By  | 

FROM THE BBB -- A new scam using the BBB name popped up this morning, and has been received by consumers and businesses across the U.S. and Canada…including many BBB offices!

How the Scam Works:

Two versions of the email have been received. One claims to be following up on a complaint filed with BBB, the other is asking for updated contact information “as a service to BBB Accredited Businesses.”

Both are good fakes – they use correct grammar and follow formats often used by BBB, so they look quite realistic. Both refer the recipient to an online form, and the address appears to be that of a local BBB. However, if you hover your mouse over the web address (the part that begins with http), you can see that the real address is not BBB at all.

DO NOT CLICK ON THE LINK! The link actually takes you to a rogue website that downloads a Trojan virus on your computer.
BBB is working with a professional deactivation service to take down the websites that are spreading the malware, and we have reported the incident to the FBI and other law enforcement agencies. Consumers are urged to delete suspicious emails and keep their anti-virus software up-to-date at all times.

Example of the Phishing Email:

Attached is a of a sample phishing email. The text is below:
Thank you for supporting your Better Business Bureau (BBB).
As a service to BBB Accredited Businesses, we try to ensure that the information we provide to potential customers is as accurate as possible. In order for us to provide the correct information to the public, we ask that you review the information that we have on file for your company.

We encourage you to use our ONLINE FORM to provide us with this updated information. The URL below will take you directly to this form on our website:
(UserID: 882600422 Password: mcvn34JDF3r54f)
You may also complete the form on the reverse side of this letter and mail to PO Box 1000; DuPont, WA; 98327; or fax to (206)436-5496.

Please look carefully at your telephone and fax numbers on this sheet, and let us know any and all numbers used for your business (including 800, 900, rollover, and remote call forwarding). Our automated system is driven by telephone/fax numbers, so having accurate information is critical for consumers to find information about your business easily.