Pittsburgh, Pennsylvania (March 5, 2012) – Another round of phishing email scams utilizing the Better Business Bureau’s name and ‘Start With Trust’ tagline has been flooding inboxes across the nation this week. This latest round of email carries the subject line, “Your company is accused of illegal financial transactions.” The emails ask the individual to file feedback to this matter within 14 days via the “Online Complaint system” and list login information.
As a result of this newest wave of the phishing scam, BBB recommends the following to anyone who receives the email:
- Do not to open any attachments
- Do not click on any links
- Delete the email from your inbox, and then delete it again from your trash or recycling folder
- Run a full system scan using reputable virus software
Previously, BBB had recommended running a full system scan only if the recipient had clicked on the link or opened the attachment. But due to the virulent nature of the virus, the new recommendation is for everyone who receives it to do the scan. In offices or homes that are networked, all computers should be scanned.
Chris Garver, Chief Information Officer at the Council of Better Business Bureaus, recommends that all domain owners set up a sender policy framework (SPF) and set their spam filter to use it. “Using the SPF standard helps fight spam and phishing attacks by allowing your email servers to verify whether an email is legitimate…or not,” he says.
Microsoft offers a simple, four-step process for setting up an SPF: www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
If you receive an email saying your business has a complaint filed against it with BBB, there are several things you can do to authenticate it:
- Look for typos, grammatical errors, etc. in the text that could indicate it originated overseas.
- Check to see who it says it is from. Complaints go out from the local BBBs, not from the headquarters office.
- Hover your mouse over the link to see if its destination is really a bbb.org address.
- Copy and paste the link into Notepad (not Word). Notepad does not support html, so if the link is a fake bbb.org address, the real link will show up.
- If you still are not sure, go to www.bbb.org to find your local BBB, and send them a new email to ask if you have a complaint (do not Reply to the email you received, or forward it to them).
- Report a BBB phishing email to email@example.com.
BBB is continuing to work with federal law enforcement agencies to identify the perpetrators of this fraud, which has been ongoing since November 2011, and is also looking into other measures it can take to help prevent future phishing scams from spreading.
About the BBB System
BBB is an unbiased organization that sets and upholds high standards for fair and honest business behavior. Businesses that earn BBB accreditation contractually agree and adhere to the organization’s high standards of ethical business behavior. BBB provides objective advice, free business BBB Reliability ReportsTM and charity BBB Wise Giving ReportsTM, and educational information on topics affecting marketplace trust. To further promote trust, BBB also offers complaint and dispute resolution support for consumers and businesses when there is difference in viewpoints. The first BBB was founded in 1912. Today, 128 BBBs serve communities across the U.S. and Canada, evaluating and monitoring more than 4 million local and national businesses and charities. Please visit www.bbb.org for more information about the BBB System.