New Phishing Scam; Beware the BBB!
I recently became aware of a relatively new “phishing” scam that’s making the rounds. This one is particularly insidious to my mind because it’s most likely to catch customer-service oriented business people — the kind of folks who try their best to “do right” by their customers. (The kind of people who read this blog!)
The way it came to my attention was that I got what appeared to be an e-mail from the BBB, alleging a complaint from someone. It looked pretty official and for a couple of minutes I was a little bit taken aback. What could I have done that made someone so upset they filed a complaint with the BBB? None of my clients or business associates had said anything directly to me about being unhappy…
My first clue that something might be amiss was that I had never heard of the person who supposedly had filed the complaint. Now, y’all may not have noticed, but I’m not exactly a large multi-national corporation. I pretty much know everyone I work with, and I was at a total loss as to who this guy might be. Hmmm.
Well, the e-mail advised me that the attached Word document would give me all the details of the complaint and also the procedure I should use to resolve it. My anti-virus and anti-spyware protection is pretty robust and always up to date (has to be, given the amount of time I spend out on the Wild Wild Web), so I took a chance and downloaded the document. Scanned it for viruses, and it came back clean, so I clicked on it.
And that’s when I got my second clue that this might not be on the up-and-up. Instead of having the promised information, the Word document instead contained what purported to be an embedded Adobe Acrobat PDF document. Now, why would the BBB go through the trouble of creating a PDF (a perfectly acceptable document type to e-mail) and then embed that PDF into a Word document for e-mailing? Didn’t make sense. Double-hmmm.
The third clue was when I tried to open the PDF. (Yeah, risky… I know. But I was curious, and I have confidence in my anti-virus protection — as it happens, apparently well-placed confidence.) My anti-virus software came back and alerted me that this supposed “PDF” was trying to run some sort of executable file, and that this didn’t seem safe. I opted to not run the file. (Hey, I may be a bit of a risk-taker, but I’m not crazy!)
Usually, I’m a “three strikes and you’re out” kinda person, but just in case this was from the BBB, I didn’t want to leave a customer complaint un-answered (even if it was from somebody I’d never heard of before). So I looked closer at the e-mail itself.
This time around, I noticed the return address actually said it was from the Better Business Bureaus. The name of the organization is Better Business Bureau (no “s” on the end). And checking the details of the header showed the message actually originated on a server that belonged to a company that didn’t seem to have anything to do with the BBB.
So I went to the BBB website, to see if there was a way I could enquire about the legitimacy of this message. And that’s where I found this warning. As I had come to suspect, the message is a scam!
So, thanks to good virus/spyware protection and a suspicious turn of mind, I wasn’t affected by this scam. But I wanted to help get the word out, in case there are other conscientious, customer-service oriented business people out there among our readers, who might get taken in by this phony “complaint” scam.
May 18 2007 | General Business Issues | 1 Comment »
