Email Phishing Scam Impersonating BBB

  
     
September 11, 2017

DENVER, CO—Better Business Bureau has received multiple reports today of the BBB name and logo being fraudulently used in an on-going email phishing scam. The emails resemble the notices of complaint BBB’s typically send to businesses, although they contain links to malware that can infect computers and steal passwords.

 

If you receive an email that looks like the one pictured above, here is what you should do:

 

1. Do NOT click on any links or attachments.
2. Read the email carefully for signs that it may be fake (for example, misspellings, grammatical errors, generic greetings such as “Dear member” instead of a name, etc.).
3. Be wary of urgent instructions to take specified action such as “Click on the link or your account will be closed.”
4. Hover your mouse over links without clicking to see if the address is truly from bbb.org. The URL in the text should match the URL that your mouse detects. If the two do not match, it is most likely a scam.
5. Send a copy of the email to phishing@council.bbb.org (Note: This address is only for scams that use the BBB name or logo)
6. Delete the email from your computer completely (be sure to empty your “trash can” or “recycling bin,” as well).
7. Run anti-virus software updates frequently and do a full system scan.
8. Keep a close eye on your bank statements for any unexpected or unexplained transactions.
9. If you have clicked on any of the links within the email, immediately change your email and network passwords AND notify your local IT provider for next steps and actions.

If you have a business and are not certain whether the complaint is legitimate, contact your local BBB.

BBB is working with law enforcement as well as a private deactivation firm to shut down as many criminal websites as possible. To date, we have shut down well over 100 sites.

For more information on data security for your business, check out www.bbb.org/cybersecurity.