You’ve taught me to be paranoid when it comes to computer email, Dave, which is good. I got a note from a gal named Shawna Dennis from the Better Business Bureau saying that they’ve received a complaint from one of my customers and that I should reply to the complaint to share my side of the story. But my customers would come to me with complaints, not some Bureau in Arlington, Virginia. What’s the story? Is this legit?
Good job being skeptical! This is the latest in a long line of email scams that are designed to get you to click on that all-important link that will drop malware, spyware, viruses, etc, onto your computer, often before you realize what’s happened.
Definitely not good.
As with any email that asks you to “click here” or go to a specific spot with a convenient clickable link in the message, you should be skeptical!
If your email message looks like the one I received overnight from “Shawna Dennis” of the Better Business Bureau, then it’s definitely not legit.
Here’s what I got, for reference:
Certainly looks legitimate and, if it’s a valid customer complaint, a cause for concern.
But let’s look at it a bit more closely. First off, “to reply this complaint”? Isn’t there a “to” missing from that sentence? Then there’s the “above-referenced complaint”, but there’s no complaint referenced “above”. Maybe with a line like “Complaint: RD-4320403” or similar that could make sense, but not like this.
The smart thing to do is to always check a link before you click it anyway, and in Apple Mail, the program pops up the URL that you’d visit upon clicking:
That’s it. Delete the message now without ever clicking on anything. A URL that has the IP address of the host rather than a legitimate host name? Dangerous, for sure. Then there’s the directory “1e7d5e”? Sounds like it’s randomly generated to me.
If you did click on the URL and had a modern browser like Google Chrome, you’d then learn of the danger that it’d just saved you from:
Yikes. Not good stuff at all. And “.kr”? That’s Korea. Not where you’d expect our friend Shawna Dennis to be working as part of the Council of Better Business Bureaus out of Arlington, Virginia. 🙂
The tech facts may be correct, but the email I have received is a sales pitch” to become a member, pay for membership to the BBB. A great consumer scam, the BBB is.
I bet the person originally asking the question is not a member of the BB, so in essence it is a sales call cloaked as a concern from the BBB.
Another, albeit lower tech solution, is to actually contact the BBB if you are worried about your customers.
The phone number they gave is legitimate (I did a reverse lookup on the number), but you could just go to:
http://www.bbb.org/
Thanks very much, Dave for this answer. I’ve made it a policy to never click on links or open attachments from anyone I don’t know.
I’m cautious even with emails from folks I DO know, since some of them are not very security-conscious.
Thanks for all your great work!
John