They're at it again! Phony e-mails
bearing the BBB name are bombarding in-boxes across the country. The recent attack on consumers and businesses
led the FBI to issue an alert this week about the recurrent scam.
BBB's visibility
and reputation for trust makes us an ideal vehicle for scammers.
Consider that bbb.org receives over six million visits every month; this
makes us an attractive decoy for fraud and malicious activity.
We
recommend that all domain owners set up a sender policy framework (SPF)
and set their spam filter to use it. Using the SPF standard helps
fight spam and phishing attacks by allowing your e-mail servers to verify
whether an e-mail is legitimate.
Microsoft offers a simple, four-step process for setting up an SPF:www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/.
Please whitelist the following BBB e-mail addresses:
If
you receive an e-mail saying that your business has a complaint filed
against it with BBB, there are several things you can do to authenticate
it:
- Look for typos, grammatical errors, etc. in the text that could indicate it originated overseas.
- Check
to see who it says it is from. Complaints go out from the local BBBs,
not from the headquarters office. If you "whitelisted" the address
above, this may eliminate your problems.
- Hover your mouse over the link to see if its destination is really a bbb.org address.
- Copy
and paste the link into Notepad (not Word). Notepad does not support
html, so if the link is a fake bbb.org address, the real link will show
up.
The
BBB system is working with federal law enforcement agencies to identify
the perpetrator(s) of this fraud and has retained a deactivation
company to help with those efforts.
