Most Viewed Stories
- Sheriff's Office encourages 'safety habits' after 'sexual crime' is reported in Seagrove (U
- Fears of oil in inland waters grow after fish kill
- PCB man survives shark bite, plane crash, heart attack, gun shot
- PHOTO SHARE: Marne Rasche finds big snake in the road
- Deputy finds bags of marijuana in car's console
Most Commented Stories
Phishing attack uses BBB name
Scheme has overloaded BBB e-mail servers
Pensacola, Fla. (October 23, 2008) - Your BBB is alerting consumers and businesses about a phishing scheme that surfaced yesterday. It uses both e-mail messages and blog posts directing recipients and viewers to register software with BBB. BBB wants the public to know that such messages and posts are not coming from any element of the BBB system, and that this attack has not compromised any BBB data. However, due to the extraordinary surge in bogus non-delivery notifications (NDRs) being generated from the bbb.org domain, your BBB is unable to send or receive e-mails at this time, which is impacting its ability to receive and process complaints and requests for information.
"The messages and posts are likely part of a large-scale phishing scam using the trusted nature of the BBB name to entice recipients and bloggers to open messages and access attachments or links," said Steve Cox, BBB spokesperson. "Anyone receiving an e-mail or viewing a blog requiring the registration of software with BBB should not click on any links or in any way respond to the message, because doing so may allow harmful viruses or spyware to enter the recipient's computer or network."
Following is a copy of an actual e-mail associated with this phishing scheme:
---------- Original Message ----------------------------------
From: "Better Business Bureaus Account Service" <provisor425@bbb.org>
Date: Wed, 22 Oct 2008 21:04:22 +0000
Attention Better Business Bureaus Consumers!
We've enhanced web surfing process with new security measures to keep your online data and personal information safer.
All registered and new BBB consumers must register new software and update contact information until October 24, 2008.
Please read the following information carefully:
Register your BBB company certificate here>>>Link>>>>
As always, we appreciate your business. And thank you for working with us.
Sincerely, Bertie Devine.
2008 Council of Better Business Bureaus
BBB has determined that there are a number of addresses and subject lines being used in to perpetrate the e-mail element of the attack. The phishing scheme is also appearing on multiple blog sites.
BBB is advising consumers and businesses to take the following precautions and actions to steer clear of this phishing attack and to protect their computer systems and networks.
•Ø Anyone receiving an e-mail similar to those described should not open the message, not click on any links, or respond to the message - the message is not from any entity affiliated with BBB. Opening or viewing a preview of the e-mail, or clicking on the link within the e-mail, could enable a discreet download of a virus or spyware.
•Ø Report receipt of any such messages. BBB is working with the U.S. Secret Service's Electronic Crimes Task Force (ECTF) to address phishing issues using the BBB name. BBB has established an e-mail address - phishing@council.bbb.org - people can use to forward the message to, thereby reporting the incident to BBB and the ECTF.
The public can view updates and the latest information on the phishing attack on the BBB Web site at the Security and Alerts Web page at http://www.bbb.org/securityalerts.
