Better Business Bureau warns of new scheme

Better Business Bureau is alerting consumers and businesses about a phishing scheme that uses both e-mail messages and blog posts directing recipients and viewers to register software with BBB. BBB wants the public to know that such messages and posts are not coming from any element of the BBB System, and that this attack has not affected BBB computer systems or networks nor has any data been comprised.

Reports to BBB indicate that targeted businesses have received bogus messages requesting them to "register new software and update contact information" with BBB. The messages provide a link for the process. In investigating the attack, BBB has discovered phony notices and postings on various blogs being used as additional tactic to reach victims.

"The messages and posts are most likely part of a large-scale phishing scam leveraging the trusted nature of the BBB name to entice recipients and bloggers to open messages and access attachments or links," said Joan Coughlin, BBB spokesperson. "Anyone receiving an e-mail or viewing a blog requiring the registration of software with BBB should not click on any links or in any way respond to the message, because doing so may allow harmful viruses or spyware to enter the recipient's computer or network."

BBB has determined that there are a number of addresses and subject lines being used in to perpetrate the e-mail element of the attack. Following is a representative sample of actual address and subject lines used in this attack.

  • Address: “Better Business Bureaus Service Center " provisor399@bbb.org
    Subject Line: Council of Better Business Bureaus - We restrict access to nonpublic personal information about you
  • Address: "Better Business Bureaus Update" provisor633@bbb.org
    Subject Line: Better Business Bureaus, Attention: Protecting your personal information
  • Address: Better Business Bureaus Support Center provisor062@bbb.org
    Subject Line: Better Business Bureaus, Attention: Shred unwanted documents that contain personal information.

The phishing scheme is also appearing on multiple blog sites.

BBB is advising consumers and businesses to take the following precautions and actions to steer clear of this phishing attack and to protect their computer systems and networks.

  • Anyone receiving an e-mail similar to those described should not open the message, not click on any links, or respond to the message – the message is not from any entity affiliated with BBB. Opening or viewing a preview of the e-mail, or clicking on the link within the e-mail, could enable a discreet download of a virus or spyware.
  • Report receipt of any such messages. BBB is working with the U.S. Secret Service's Electronic Crimes Task Force (ECTF) to address phishing issues using the BBB name. BBB has established an e-mail address - phishing@council.bbb.org – people can use to forward the message to, thereby reporting the incident to BBB and the ECTF.
  • The public can view updates and the latest information on the phishing attack on the BBB Web site at the Security and Alerts Web page.

You may like these other stories...

Event Date: May 29, 2014 In this presentation Excel expert David Ringstrom, CPA brings you up to speed on the Excel feature you should be using, but probably aren't. The Table feature offers the ability to both...
No field likes its buzzwords more than technology, and one of today's leading terms is "the cloud." But it's not just a matter of knowing what's fashionable. Accounting professionals who know how to use...
There is a growing trend of accountants moving away from traditional compliance work to more advisory work. Client demand is there, but it is up to the accountants to capitalize on that. What should accountants' roles be...

Upcoming CPE Webinars

Apr 22
Is everyone at your organization meeting your client service expectations? Let client service expert, Kristen Rampe, CPA help you establish a reputation of top-tier service in every facet of your firm during this one hour webinar.
Apr 24
In this session Excel expert David Ringstrom, CPA introduces you to a powerful but underutilized macro feature in Excel.
Apr 25
This material focuses on the principles of accounting for non-profit organizations' revenues. It will include discussions of revenue recognition for cash and non-cash contributions as well as other revenues commonly received by non-profit organizations.
Apr 30
During the second session of a four-part series on Individual Leadership, the focus will be on time management- a critical success factor for effective leadership. Each person has 24 hours of time to spend each day; the key is making wise investments and knowing what investments yield the greatest return.