Officials with the Better Business Bureau (BBB) serving Nebraska, South Dakota, the Kansas Plains and Southwest Iowa, are warning that emails claiming to be from BBBs have been received by businesses owners and consumers in our region and throughout the U.S. The BBB name and logo are being fraudulently used by criminals in a phishing scam. The emails look very much like a notice of a complaint from BBB, but they contain links to malware that can infect the recipient’s computer or steal passwords.

Below is an example of one of these emails.

“Dear ________________.
This email has been automatically sent to you because we have got a complaint, claiming that your company XWZ is violating The Safety and Health Act.

You can download the document with the explanation of abuse by following the link.

We also request that you give a reply within 48 hours to us. This message should contain information about what you plan to do with it.

Important note:
When replying to us, please leave the abuse ID “Incident:941665154619:634” unchanged in the subject.

Better Business Bureau
Compliance Department”

If you get an email that looks like it is a BBB complaint:

• Do NOT click on any links or attachments.
• Read the email carefully for signs that it may be fake (for example, misspellings, grammatical errors, generic greetings such as “Dear member” instead of a name, etc.).
• Be wary of urgent instructions to take specified action such as “Click on the link or your account will be closed.”
• Hover your mouse over links without clicking to see if the address is truly from bbb.org. The URL in the text should match the URL that your mouse detects. If the two do not match, it is most likely a scam.
• Send a copy of the email to phishing@council.bbb.org (Note: This address is only for scams that use the BBB name or logo)
• Delete the email from your computer completely (be sure to empty your “trash can” or “recycling bin,” as well).
• Run anti-virus software updates frequently and do a full-system scan.
• Keep a close eye on your bank statements for any unexpected or unexplained transactions.

If you have clicked on any of the links within the email, immediately change your email and network passwords AND notify your local IT provider for next steps and actions.