The Better Business Bureau (BBB) scam tracker is currently reporting 200 phishing scams all across Texas, with financial losses ranging from $35 to $3,000.
This is a standard phishing scam that is targeting small businesses and appears in the form of links or attachments in an email. Once you click on them, malware is automatically downloaded to your computer, and scammers can access your personal data and steal your credit card information. The scam is disguised as a request for proposal (RFP) attachment to attract the attention of local entrepreneurs, who know RFPs are a good way to win new contracts and establish connections with clients.
There seem to be two versions of this scam. In one, an email with an official-looking PDF file is sent, and when a person clicks on the PDF, malware is downloaded to their computer. In another version, a link in the email takes you to a form that asks you to fill in your personal banking information, claiming that you need to provide payment details.
More than 98% of businesses across the state are small businesses, and BBB is issuing a state-wide warning to owners not to open any emails from sources they don’t trust.
The BBB office in Texas has also provided a list of tips that companies can use to protect themselves from phishing scams:
- Visit the company’s website. Most scammers claim they belong to a government agency to invoke a sense of trust. This can easily be checked by visiting the agency’s website and seeing whether they posted any RFPs online. You should also call them to check whether they sent emails to small business owners.
- Call the contact provided in the email. If no one answers the phone or people refuse to speak to you, then you can be certain that they’re trying to scam you.
- Be wary of generic emails. Since scammers usually try to cast a wide net, any lack of personal details and generic-looking RFP forms could potentially indicate shady dealings.
- Never open attachments. If you have any doubts, it’s better to be safe than sorry. Unless you’re receiving an email from a completely trusted source, don’t click on any attachments. Another good idea is to check whether the files have a .exe extension. These types of files are often disguised as PDFs.
- Don’t trust logos. Even official-looking logos can potentially be fake. The same goes for email addresses and other contact information.
If you have taken the necessary precautions and noticed a scam, report it. This way, you’ll help the authorities fight fraud and potentially help save small businesses such as yours from getting swindled.