Phishing bait: E-mailed notification about customer complaints from the Dun & Bradstreet Credibility Corp.
Example: [Collected via e-mail, August 2013]
Dun & Bradstreet has received the above-referenced complaint from one of your customers regarding their dealings with you. The details of the consumer's concern are included on the reverse. Please review this matter and advise us of your position.
In the interest of time and good customer relations, please provide the DnB with written verification of your position in this matter by
The Dun & Bradstreet develops and maintains Reliability Reports on companies across the United States and Canada. This information is available to the public and is frequently used by potential customers. Your cooperation in responding to this complaint becomes a permanent part of your file with the Dun and BradStreet. Failure to promptly give attention to this matter may be reflected in the report we give to consumers about your company.
We encourage you to print this complaint (attached file), answer the questions and respond to us.
We look forward to your prompt attention to this matter.
Dun & Bradstreet Credibility Corp. 103 JFK Parkway, Short Hills, NJ 07078
Origins: In July 2013, Internet users began receiving
The mid-2013 Dun & Bradstreet phishing outbreak was simply a slight variation of similar phony messages that had sent out in the name of the Better Business Bureau (BBB) the previous year, prompting that organization to post a warning on its web site advising that:
The e-mails have return addresses that BBB does not use (one example is firstname.lastname@example.org) and it is signed with the address of the Council of Better Business Bureaus, the national office of the BBB system. The e-mail contains a link to a non-BBB web site. Do NOT click on the link.
BBB is working with law enforcement to determine its source and stop the fraudulent campaign.
Last updated: 7 August 2013