Another BBB Phishing Scam. Don’t Bite!

Phishing scams look like legitimate email, and they are getting more sophisticated every day. What these con artists are really after is your banking and financial information. And they won’t mind destroying your computer to get it.

Once again, scammers are sending emails that appear to come from your trusted Better Business Bureau. They’ll tell you that a complaint has been registered against your business, or that a customer has submitted a review of your business. (It doesn’t matter that you might not even OWN a business.)

The email will ask you to download and complete an attached form, or it will ask you to click on a link to view and respond to the consumer posting. Don’t do either!

The “attached form” is actually an executable file that will drop a nasty virus onto your system. Next thing you know, you’ll see a pop-up message that claims your computer is infected with dozens of viruses, and that will offer to clean your system for a fee. If you provide your credit card or banking information to have your system cleaned, you will waste your money, and the scammers will then have access to your funds and will steal even more of your money.

The links in the bogus email are dangerous, as well. They look like a link to a BBB page, but the code behind the link will actually route your browser to a website where malware is dropped onto your computer. The malware is written in such a way that it usually passes by anti-virus programs undetected. Once the malware is in place, the scammer can sniff for your banking information (including user names and passwords), and can use your system to send more scam emails out to your contacts under your name.

The bottom line is this: If you don’t own a business, you can disregard any BBB email that claims your company has been the subject of a customer communication. If you do own a business, you can always check with your local office to confirm the legitimacy of any email purporting to come from BBB. To find your local office, visit www.bbb.org/find. But never click on a link in an email or download an attachment unless and until you confirm that it truly came from BBB.

BBB would like you to send us any bogus emails claiming to come from BBB. Forward the email(s) to phishing@council.bbb.org. Don’t worry if you receive a notification that the email could not be delivered because of an attached virus. We pull them from quarantine and examine them anyway. Please understand that we would like to reply to each email, however, when the traffic to the phishing mailbox is particularly heavy, we might not be able to offer a direct reply. If you need personal assistance with an email, contact your local BBB.