The Better Business Bureau is warning businesses about bogus emails claiming to be from the BBB.
The Bureau says these emails are not coming from the BBB and are part of a widespread phishing attack.
The BBB says they’ve received hundreds of inquires about the bogus emails.
The email claims the business is in violation of either the Safety and Health Act, the Fair Labor Standards Act or has a BBB complaint.
The link asks you to download a document for more information, but the BBB says to not click on it, as it may download malware onto your computer.
The BBB says to follow these steps if you get the email:
1. Do NOT click on any links or attachments.
2. Read the email carefully for signs that it may be fake (for example, misspellings, grammar, generic greetings such as “Dear member” instead of a name, BBB internal department names that do not seem familiar, etc.).
3. Be wary of any urgent instructions to take specified action such as “Click on the link or your account will be closed.”
4. Hover your mouse over links without clicking to see if the address is truly from bbb.org. The URL in the text should match the URL that your mouse detects. If the two do not match, it is most likely a scam.
5. Send a copy of the email to firstname.lastname@example.org (Note: This address is only for scams that use the BBB name or logo)
6. Delete the email from your computer completely (be sure to empty your “trash can” or “recycling bin,” as well).
7. Run anti-virus software updates frequently and do a full system scan.
8. Keep a close eye on your bank statements for any unexpected or unexplained transactions.
Phishing is often a sophisticated email attempt to trick the recipient into first opening a fraudulent message and then revealing personal and financial information.
A phishing email usually arrives disguised as an email from a legitimate company or known person. Of course, the email is from one of the bad guys.
The bogus email might seek a payment and direct the user to a replica of a banking website, for example, or to a phony payment center of a utility company.
Phishing email also may be crafted strictly to lure a user to a malicious website, where malware would be installed through the user’s browser via an undetected download. The victim could then be monitored by a criminal enterprise in search of sensitive data.
Charity donations, online banking problems, or IRS inquiries are common themes in phishing scams.
Some Internet browsers have phishing and malware detection in their default settings, but not all. Don’t reply to or click links within texts, emails, or pop-up messages requesting personal information.
Some tips to help protect against phishing emails:
- Do not respond to any unsolicited e-mails of this nature.
- Do not click on any attachments associated with such emails, as they may contain viruses or malware.
- If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don’t ask for this information via email.
- If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address. In any case, don’t cut and paste the link in the message.
- Don’t email personal or financial information. Email is not a secure method of transmitting personal information.
- If you initiate a transaction and want to provide your personal or financial information through an organization’s Web site, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”).
- Use anti-virus software such as VIPRE and keep your computer security up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files.
Welcome to WordPress. This is your first post. Edit or delete it, then start writing!