BBB Logo

Better Business Bureau ®
Start With Trust®
28 counties covering Western Pennsylvania
Another BBB Phishing Scam…Don’t Bite
December 04, 2012

Pittsburgh, Pennsylvania – December 4, 2012 - Phishing scams are created to look like legitimate emails, and they are getting more sophisticated every day. What these con artists are really after is your banking and financial information and they are willing to destroy your computer to get it.

Once again, scammers are sending emails that appear to come from the Better Business Bureau. The email says that a complaint has been registered against your business, or that a customer has submitted a review of your business, even if you don’t own a business!

The email will ask you to download and complete an attached form, or click on a link to view and respond to the consumer posting. Don’t do either!

The “attached form” is actually an executable file that will drop a nasty virus onto your system. Next thing you know, you’ll see a pop-up message that claims your computer is infected with dozens of viruses, and that will offer to clean your system for a fee. If you provide your credit card or banking information to have your system cleaned, you will waste your money, and the scammers will then have access to your funds and will steal even more of your money.

The links in the bogus email are dangerous, as well. They look like a link to a BBB page, but the code behind the link will actually route your browser to a website where malware is dropped onto your computer. The malware is written in such a way that it usually passes by anti-virus programs undetected. Once the malware is in place, the scammer can sniff for your banking information (including user names and passwords), and can use your system to send more scam emails out to your contacts under your name.

If you get an email that looks like it is a BBB complaint or says that a customer has submitted a review of your business:

1. Do NOT click on any links or attachments.

2. Read the email carefully for signs that it may be fake (for example, misspellings, grammar, generic greetings such as “Dear member” instead of a name, etc.).

3. Be wary of any urgent instructions to take specified action such as “Click on the link or your account will be closed.”

4. Hover your mouse over links without clicking to see if the address is truly from bbb.org. The URL in the text should match the URL that your mouse detects. If the two do not match, it is most likely a scam.

5. Delete the email from your computer completely. (Be sure to empty your “trash can” or “recycling bin,” as well.)

6. Run anti-virus software updates frequently and do a full system scan.

7. Keep a close eye on your bank statements for any unexpected or unexplained transactions.

BBB would also like you to send bogus emails claiming to come from BBB to phishing@council.bbb.org. Don’t worry if you receive a notification that the email could not be delivered because of an attached virus, as they are pulled from quarantine and examined anyway. Please understand that due to heavy traffic to the phishing mailbox, you may not receive a direct reply. If you need personal assistance with an email, contact your BBB at 877.267.5222.

###

About the BBB System

BBB is an unbiased organization that sets and upholds high standards for fair and honest business behavior. Businesses that earn BBB accreditation contractually agree and adhere to the organization’s high standards of ethical business behavior. BBB provides objective advice, free BBB Business Reviews and BBB Wise Giving ReportsTM, and educational information on topics affecting marketplace trust. To further promote trust, BBB also offers complaint and dispute resolution support for consumers and businesses when there is difference in viewpoints. The first BBB was founded in 1912. Today, 114 BBBs serve communities across the U.S. and Canada, evaluating and monitoring more than 4 million local and national businesses and charities. Please visit www.bbb.org for more information about the BBB System.