BETTER BUSINESS BUREAU
OF WESTERN MICHIGAN, INC
News Release #20120118
Issued: January 18, 2012
Contact: Phil Catlett, President
616.774.8236 - 800.684.3222
Beware of fake complaint or request for information email claiming to be from bbb.org. If you receive an e-mail from a bbb.org address, DON’T OPEN IT!
The Better Business Bureau is warning businesses to beware of a malicious email that pretends to be from the BBB about a complaint, or seeking accreditation information from the company.
The phishing email is sent from multiple email addresses with the subject line “Complaint #” followed by a nine-digit number, or referencing an SBQ Form. BBB Accredited and non-Accredited Businesses have been targeted, and some consumers have received the email.
The body of the email claims that the company has received a complaint, or that the BBB needs more information, and asks the recipient to respond by clicking through to what is actually a disguised link to a third-party website.
Because the message is fraudulent, the BBB advises any business that receives this email to take the following steps:
- Do not click on any links or reply to the message,
- Completely delete the message from your inbox, and
- Run a full virus scan on your computer if you did click on any links.
If you receive an email from the Better Business Bureau and need assistance in determining whether or not it is legitimate, contact the BBB Serving Western Michigan at (616) 774-8236 or 800-684-3222.
For more advice on how to protect your business from malicious online attacks and data breaches visit www.bbb.org/data-security/
Example of BBB Complaint Phishing Email
If you have received the message below THIS IS A SCAM!
----- Original Message -----
Sent: Wednesday, November 23, 2011 6:28 AM
Subject: Complaint # 22127769
The Better Business Bureau has received the above-referenced complaint from one of your customers regarding their dealings with you.
The details of the consumer's concern are included on the reverse.
Please review this matter and advise us of your position.
As a neutral third party, the Better Business Bureau can help to resolve the matter. Often complaints are a result of misunderstandings a company wants to know about and correct.
We encourage you to use our ONLINE COMPLAINT system to respond this complaint.
The following URL (website address) below will take you directly to this complaint and you will be able to enter your response directly on our website:
The Better Business Bureau develops and maintains Reliability Reports on companies across the United States and Canada .
This information is available to the public and is frequently used by potential customers.
Your cooperation in responding to this complaint becomes a permanent part of your file with the Better Business Bureau.
Failure to promptly give attention to this matter may be reflected in the report we give to consumers about your company.
Council of Better Business Bureaus
4200 Wilson Blvd, Suite 800
Arlington, VA 22203-1838
Example of BBB SBQ Phishing Scam Email
Sent: Thursday, January 19, 2012 8:07 AM
Subject: BBB SBQ Form #22227099(Ref#14-22227099-0-4)
Thank you for supporting your Better Business Bureau (BBB). Your BBB receives more than 6,500 requests for information every day and provides reliability reports to consumers 365 days a year, 24 hours a day, and 7 days a week.
As a service to BBB Accredited Businesses, we try to ensure that the information we provide to potential customers is as accurate as possible. In order for us to provide the correct information to the public, we ask that you review the information that we have on file for your company.
We encourage you to use our ONLINE FORM to provide us with this updated information. The URL below will take you directly to this form on our website:
CLICK HERE to login to your BBB account (UserID: 22227099 Password: pv6r4hm)
You may also complete the form on the reverse side of this letter and mail to PO Box 1000; DuPont, WA; 98327; or fax to (206)436-5496.
Please look carefully at your telephone and fax numbers on this sheet, and let us know any and all numbers used for your business (including 800, 900, rollover, and remote call forwarding). Our automated system is driven by telephone/fax numbers, so having accurate information is critical for consumers to find information about your business easily. In addition, many consumers may search our database using your e-mail and/or Web address, so please be sure to include this information as well. As a BBB accredited business, you receive a free hyperlink from your online reliability report to your company Web site if provided to us.
Thank you again for your support, and we look forward to receiving this updated information.
BBB Urges ICANN to Beef Up Enforcement Against Scams and Fraud Before Adding New Top Level Domains
100-year-old consumer protection group cites as evidence its own on-going problem as target of massive phishing scam using its famous logo
Washington, DC (December 14, 2011) – Consumer fraud, e-mail scams, “phishing” expeditions, viruses and malware are all part of the Internet landscape in today’s online marketplace, and it’s going to get a lot worse, according to the Council of Better Business Bureaus (CBBB). The 100-year old consumer protection organization told the House Energy and Commerce Committee’s Subcommittee on Technology and Communications that a proposal by the Internet Corporation for Assigned Names and Numbers (ICANN) would exacerbate a problem that already defrauds consumers and businesses alike. Starting in January, ICANN plans to greatly increase the number of available top level domains (the extension to the right of the dot in Internet addresses).
“Even with the safeguards planned by ICANN, the launch of new top level domains is going to make protecting our brand – and those of many other businesses and nonprofits -- a great deal more difficult and costly unless specific measures are taken in the process of expanding the number of TLDs,” testified Anjali Hansen, CBBB’s intellectual property attorney. “BBB urges ICANN to put more protections in place now, before the problems increase exponentially.”
Hansen told the subcommittee how challenging it is to defend iconic brands such as BBB against Internet fraud and illegal activity. “Because the BBB marks are so trusted by consumers and relied on by businesses, they are high profile targets for scammers and criminal groups, who unceasingly try to commandeer them to gain instant credibility and defraud consumers,” said Hansen. “Our staff and financial resources are strained to the limit today just trying to keep up with these problems which occur almost exclusively online.”
The BBB system is currently the target of a massive email scam. Thousands of consumers have called and emailed its offices around the country about a notice that looks like an official email from BBB. Untold numbers of consumers have likely, but unintentionally, infected their computers by opening links or attachments that came with the fraudulent emails.
Hansen also noted that ICANN’s proposed process for protecting trademarks is too burdensome and costly for most small businesses, non-profit organizations and charities. Brand owners will have to pay to register their own trademarks in ICANN’s central Trademark Clearinghouse, and then buy them again in each TLD to keep them out of the hands of scammers. CBBB told the subcommittee that registering once should be enough, and ICANN should block the new TLD registries from selling domains that incorporate properly registered trademarks.
“Without more controls, the Internet will increasingly serve criminal interests over the public interest,” said Hansen. “We recommend that ICANN’s plans to expand top level domains include procedures that encourage the application of standards by registries and registrars, which in turn will help reduce costs to businesses and restore the trust of consumers.”
For a copy of CBBB’s testimony, please contact Kelsey Owen at 703-247-9376 or firstname.lastname@example.org
Update – January 18, 2012
Anyone who received the fake BBB email and clicked on one of the links prior to the deactivations, and who didn’t have adequate antivirus protection, was likely infected. The particular virus at play is known as “Zeus” or “Zbot” and is a “Trojan Horse” or spyware virus that downloads onto a recipient’s computer and harvests confidential and personal data without detection. According to the FBI, one criminal organization used Zeus to collect $70 million from victims. It is thus imperative that anyone who believes they may have been infected do a security analysis and have the malware eradicated.
This particular malware first surfaced back in 2007. Council’s antivirus provider, Symantec, published an antivirus signature in 2010. A link to the Symantec description of the virus is provided below. Please ensure that your antivirus protection services cover Zeus/Zbot.
Please review the following informational links for more detail and pass this information along to any of your contacts that might have been affected.
From Symantec’s website (aka Norton Anti-Virus):
From the FBI’s Internet Crime Complaint Center. Council has reported the BBB phishing scam to IC3 and they have included our scam in the following alert: http://www.ic3.gov/media/2010/corporateaccounttakeover.pdf
We have consulted with cyber security experts who have informed us that even when an organization has antivirus protection in place, there is still potential on occasion for the virus to infiltrate a network. This can happen under the following circumstances:
- The antivirus is disabled or misconfigured by the end user
- The antivirus definitions are not updated
- The network layer spam filter and web filter are not present or not updated
Our cyber security experts have provided us with the following recommendations that your BBB should also implement as appropriate:
- Implement a spam filter appliance that processes all email before reaching the internal mail server
- Make sure the spam filter has the ability to scan for malware
- Implement a web proxy filter that inspects all Internet traffic before leaving the local network
- Implement a centralized antivirus solution that:
  - forces daily updates to the client systems including both antivirus version updates and antivirus signature updates, and
  - prevents users from disabling or modifying settings for the AV service
- Implement workstation access privilege policies whereby end users do not have administrative level access to their local system. Malware is generally limited in what damage it can cause to a system when the local user does not have administrative level access.
The regional Better Business Bureau of Western Michigan services 38 counties in western Michigan. Our office is located in the Trust Building, 40 Pearl ST NW STE 354, Grand Rapids MI 49503. 616.774.8236 (Voice) 616.774.2014 (Fax) 800.684.3222 (Toll Free West Michigan ONLY).
BBB is an unbiased non-profit organization that sets and upholds high standards for fair and honest business behavior. Businesses that earn BBB accreditation contractually agree and adhere to the organization’s high standards of ethical business behavior. BBB provides objective advice, free business BBB Business Reviews and charity BBB Wise Giving Reports™, and educational information on topics affecting marketplace trust. To further promote trust, BBB also offers complaint and dispute resolution support for consumers and businesses when there is a difference in viewpoints. The first BBB was founded in 1912. Today, 122 BBBs serve communities across the U.S. and Canada, evaluating and monitoring more than three million local and national businesses and charities. Please visit www.bbb.org for more information about BBB.