Chicago, IL- December 20, 2011 – An
email scam using the Better Business Bureau’s (BBB) name and logo continues to
proliferate across North America, and even to some overseas addresses. Most of
the emails carry the well-known BBB torch logo and may come with the subject
line “Complaint from your customers.” The emails have a link or an attachment
containing malicious phishing malware that steals information, often with
devastating results to businesses and private citizens.
“While the Internet has many benefits;
misrepresentations and scams like this are one of the ugly features of the
Internet,” stated Steve Bernas, president & CEO of the Better Business
Bureau serving Chicago and Northern
Because of experiences such as this one, the BBB
has updated its advice and recommends the following to anyone who receives the
not open any attachments.
not click on any links.
the email from your inbox, and then delete it again from your trash or
a full system scan using reputable virus software.
Due to the virulent nature of the virus, the
recommendation is for everyone who receives it to do the scan. In offices or
homes that are networked, all computers should be scanned.
Bernas noted that the disgusting element of this
scam is that the perpetrators are likely targeting businesses, individuals and
other organizations that combat this type of activity.
“This scam is unusual in that it is very wide
ranging and continuing,” explained Bernas. “The BBB national office is working
with federal law enforcement agencies to identify the perpetrator of this
fraud, and is also looking into other measures it can take to help prevent
future phishing scams from spreading.”
If you receive an email saying your
business has a complaint filed against it with BBB, there are several things
you can do to determine if it is a fake notification:
for typos, grammatical errors, etc. in the text that could indicate it
to see who it says is the sender. Authentic BBB complaints go out from the
local BBBs, not from the headquarters office.
your mouse over the link to see if its destination is really a bbb.org
and paste the link into Notepad (not Word). Notepad does not support html,
so if the link is a fake bbb.org address, the real link will show up.
you still are not sure, go to www.bbb.org
to find your local BBB, and send them a new email to ask if you have a
complaint (do not Reply to the email you received, or forward it to them).
They have been swamped with requests, so you may not hear back
Chris Garver, Chief Information Officer at the
Council of Better Business Bureaus, recommends that all domain owners set up a sender policy framework (SPF) and set their spam filter to
use it. “Using the SPF standard helps fight spam and phishing attacks by
allowing your email servers to verify whether an email is legitimate…or not,”
Microsoft offers a simple, four-step
process for setting up an SPF: www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
If you have
received one of these emails, please send it directly to our phishing
deactivation team at: firstname.lastname@example.org
consumer safety tips, visit www.bbb.org
private, non-profit organization, the purpose of the Better Business Bureau is
to promote an ethical marketplace. BBBs help resolve buyer/seller complaints by
means of conciliation, mediation and arbitration. BBBs also review advertising
claims, online business practices and charitable organizations. BBBs develop
and issue reviews on businesses and nonprofit organizations and encourage
people to check out a company or charity before making a purchase or donation.