Small businesses and consumers across the country are falling victim to another phishing scam exploiting the BBB’s trusted name. According to the University of Alabama at Birmingham’s Spam Data Mine (SDM is one of the nation’s foremost computer forensic labs), the campaign was the second biggest phishing scam in the country on May 2, 2012. SDM is currently assisting the Council of Better Business Bureaus in tracking any phishing scams using the BBB name.

The phishing e-mails – the fifth wave using the BBB’s name since November – use the BBB’s name and logo in an attempt to resemble the notice of a newly filed complaint. Some e-mails have been found to contain a ZIP attachment as well. Whether by an attachment or a link, the phishing e-mails attempt to coerce the recipient into clicking and opening the “complaint,” which downloads malware onto their computer. The malware is designed to infect the computer and look for personal information, such as bank account numbers and passwords, with the intent to steal money from the accounts of recipients.

If you receive an e-mail that looks like it is about a BBB complaint:

1. Do NOT click on any links or attachments.
2. Read the e-mail carefully for signs that it might be fake (look for misspellings, grammar, generic greetings such as “Dear member” instead of a name, etc.).
3. Be wary of any urgent instructions to take specified action such as “Click on the link or your account will be closed.”
4. Hover your mouse over links without clicking to see if the address is truly from bbb.org.
5. Delete the email from your computer completely (be sure to empty your “trash can” or “recycling bin,” as well).
6. Run anti-virus software updates frequently and do a full system scan.
7. If you are uncertain whether the complaint is legitimate, contact your local BBB (www.bbb.org/find).
8. Forward the e-mail to phishing@council.bbb.org so that our security team can track the perpetrators.  If you receive a “bounce” message, there is no need to resubmit.

The BBB also recommends that all businesses take steps to secure their data and the information they have collected on their customers. The BBB’s “Data Security – Made Simpler” is available free-of-charge at www.bbb.org/data-security.