The Better Business Bureau is warning businesses not to click on an email that claims to be a “BBB SBQ” (standard business questionnaire). The email was sent out Friday morning to what is believed to be tens of thousands of businesses across the country. The email has a ZIP file attachment that links to a site that can download malware on the user’s computer. Spoofing well-known and trusted brands is a common scam tactic. Other organizations such as the IRS, the FBI and Fortune 500 companies have been spoofed in similar phishing campaigns that victimized consumers and businesses.

BBB officials say as soon as they became aware of the scam, they immediately notified their security vendors and are in the process of taking down the website.  The emails are coming from the domain “BBBL.org,” which is not a BBB domain name, although it is clearly designed to look as if it is. The domain name was created last October and is registered to an individual in Antwerp, Belgium. It’s not immediately clear if the domain owner is directly involved in the phishing scam, but BBB will be turning over its information to the FBI and Interpol for further investigation.

BBB offers this advice to anyone who receives this or other unsolicited emails with links or attachments:
. Do not click on links or open attachments in unsolicited email.
. If your email program allows it, tag the email as spam.
. Report the email to your Internet Service Provider.
. If you are unsure if an email is legitimate, call the sender using a phone number that you know to be correct (not from the email).
. Check out BBB Scam Stopper (bbb.org/scam) for additional information on scams.