Better Business Bureau of Southern Arizona is issuing an urgent scam alert cautioning businesses and consumers about an email that is purporting to be from BBB about a complaint concerning an “unauthorized transaction.”

The email contains the following text:

“Dear business owner, we have obtained several complaints via the Better Business Bureau online complaint center concerning several unauthorized transaction from a number of private bank accounts to your corporate account. You can view the complaints in our online complaint center using the following link: (link deleted by BBB).”

Some consumers and business report receiving upwards of 50 of these emails in the past 24 hours. The email contains a dangerous link and bogus sign in information. This is a scam – BBB does not accept or send complaints concerning private financial transactions with a bank.

Should you receive such an email, please disregard its message, and forward any information received to phishing@council.bbb.org, and then delete it.  If you have clicked on the link, immediately do a virus scan.

Better Business Bureau of Southern Arizona is warning of a  scam targeting cell phone users. “Smishing,” similar to “phishing,” uses text messages to bait consumers into divulging their personal information.

One form of the scam tricks consumers into believing their bank accounts have been frozen. The text message appears to come from the consumer’s bank and directs the victim to call a provided number to unfreeze the account. The number provided connects to the scammers, who ask for the victim’s personal information – account number, PIN and Social Security number.

The scam can take many forms, such as promising a free laptop, mortgage assistance or lottery winnings. Some texts might even offer a free product, such as a security app, to get you to click on a link which then downloads identity stealing software to your phone. Regardless of the tactic used, the overall objective is to steal your personal information.

According to online security firm Trusteer, cell phone users are three times more likely to fall for fake messages than computer users.

BBB offers these tips from AARP on how to protect your personal information from smishing texts:

• Do not reply. Replying to a spam text only verifies that your number is active, meaning more messages can be sent.
• Check with your bank directly. Separate from the text, look up your bank’s phone number and (more…)

Until this weekend, Epsilon wasn’t exactly a household name. But now that the marketing giant firm has notified its high-profile customers that it was the victim of a data breach, web results and social media trends about the company are growing by the minute.

If your bank, credit card lender, or favorite retailer is an Epsilon customer, you need to keep an eye on your email and a tight grip on your personal information. The same goes for parents and students signed-up with The College Board for prep tests and help with their college search.

“According to the notifications BBB received, only names and email addresses were compromised by the hack. Reports indicate that personal and financial information on file with Epsilon were not accessed,” said Kim States, BBB President. “However, it is very likely that information obtained during the breach could be used in phishing attacks designed to scare customers into divulging personal and financial information,” Barnett added.

While BBB has received notices from Best Buy, Chase, BJ’s and The College Board, it has not been able to confirm exactly how many consumers are at risk. But the attack certainly has the potential of impacting a huge number of consumers. On its Web site, Epsilon states, “We are the world’s largest permission-based email marketing provider, sending over 40 billion emails annually.” In a press release, Reuters claimed this “…could be one of the biggest such breaches in U.S. history…”

BBB Tips to Avoid Phishing

Beware of any email asking for personal, financial or account information. Legitimate companies you rely on for your online shopping, financial needs and college tests will not request this information – they already have it.

Do not open any attachments. Attachments may contain malicious code that will infect your computer.

Do not click on any links. If you want to communicate with the business use your favorite search engine to find their Web site and/or contact information. Do not trust the information provided in the email.

Never provide your User ID or password in an e-mail.

Watch for strange emails from family/friends. Hackers sometimes use stolen information to pose as someone in your address book.

Make sure your computer’s spyware, spam filter and virus protection are up to date.

Report suspicious emails to www.ic3.gov, and forward them to info@tucson.bbb.org.

At this time, the following organizations’ customer records have been reportedly compromised by the Epsilon data breach:

BJ’s
Barclays Bank of Delaware
Best Buy
Brookstone
Capital One
Chase
Citi
Disney Destinations
Home Shopping Network
JPMorgan Chase
Kroger
LL Bean
Marriott Rewards
McKinsey & Company
New York & Company
Ritz-Carlton Rewards
The College Board
TiVo
US Bank
Walgreens