The EU Business Register 2023/2024 Scam Email [Explained]

The so-called “EU Business Register 2023/2024” email that has been circulating is a scam designed to steal money and personal information from businesses and individuals. This fraudulent email claims recipients can register their company in something called the “EU Business Register 2023/2024” by completing and submitting an attached form.

Do not respond to this email or provide any personal information. The entire thing is an elaborate phishing scam orchestrated by cybercriminals. Keep reading to learn more about how this scam works, what you should do if you received the email, and steps to protect yourself moving forward.

EU Scam

Scam Overview

The scam email claims to be from the “EU Business Register 2023/2024” and uses the email address register@db-register2023.net. The message states that to insert your company in the “EU Business Register for 2023/2024,” you simply need to complete the attached PDF form and return it.

However, there is no such thing as the “EU Business Register” or a 2023/2024 registration period. This is a completely fictitious entity fabricated by scammers to fool potential victims. Their aim is to collect sensitive information and money from recipients who fall for the con.

The email includes an attachment labeled “EBR-form.pdf” that asks for extensive personal and financial information. If you complete and return this form, you are handing over valuable data like your name, company details, bank account information, and more.

Armed with this information, scammers can steal your money and identity or sell your details on the dark web. The end goal is to profit off your data in whatever way they can.

How the Scam Works

The criminals behind the “EU Business Register” scam rely on a variety of deceptive tactics to make their email look convincing and trick recipients into handing over valuable personal data. They use urgency, impersonation, malicious attachments, and follow-up requests for money to carry out their scheme.

Creating a False Sense of Urgency

A key element of the scam is establishing a false sense of urgency to pressure potential victims into responding quickly. The email states that businesses must submit their information for the “2023/2024 registration period” to remain in compliance. This makes it seem like there is a short deadline to take action.

In reality, there is no EU Business Register and no registration requirement. But the scammers bank on recipients not taking the time to realize this and instead rushing to submit their details due to fear of missing a crucial deadline.

Impersonating a Legitimate Government Entity

The email is made to look like official correspondence from the “EU Business Register.” The logo, branding, office addresses, and other details are fabricated to mimic a real governmental body.

For those unfamiliar with actual EU administrative agencies, this veneer of authority lends credibility to the message. Businesses may mistakenly think this is a mandatory registration request from a genuine regulatory organization.

Attaching Malicious PDF Forms

Rather than asking for sensitive information directly in the email, the scammers attach a PDF form labeled “EBR-form.pdf.” This requests information like names, business registration numbers, addresses, phone numbers, bank account and routing numbers, etc.

The extensive personal and financial data being sought should raise red flags. But the scammers know attaching a professional-looking form makes the process seem standardized and normal.

Following Up Asking for Money

In many cases, the information request is just step one. After recipients submit the completed PDF, the scammers will follow up claiming there is a registration “processing fee” that must also be paid.

They provide wire transfer details or request gift card numbers to collect this money. This follows the same pattern phone and tech support scams use to extract payments after gaining remote access.

Obscuring Their True Locations

The scammers hide behind proxy email addresses and offshore hosting to mask their true locations and identities. While the emails claim to come from the Netherlands, the criminal operators likely reside in entirely different countries.

This geographic separation and technical obfuscation makes the scammers difficult to track down for authorities. They can rotate email accounts and domains to further slow investigations.

By combining urgency, impersonation, official-looking forms, and requests for money, the scammers aim to fully dupe each target. What may seem like a legitimate registration request is actually an elaborate con designed to steal identities and turn a profit.

What to Do If You Responded to the Email

If you already responded to the “EU Business Register” email and submitted any personal information, take the following steps right away:

  • Contact your bank – If you shared financial account details, call your bank immediately and explain the situation. They can monitor your accounts for suspicious activity and may issue new account numbers.
  • Change online account passwords – Scammers could use your personal info to break into your online accounts. Reset the passwords on all your online accounts as a precaution.
  • Place fraud alert – Contact one of the three major credit bureaus (Experian, Equifax, TransUnion) and place a fraud alert on your name and Social Security number. This makes it harder for criminals to open new accounts in your name.
  • Monitor your credit reports – Order a free copy of your credit report from each bureau and review it closely for any accounts you don’t recognize. Check it every few months for signs of fraudulent activity.
  • File an FTC complaint – Report the scam to the Federal Trade Commission so they can investigate the criminals behind it.
  • Report to IC3 – File a complaint with the FBI’s Internet Crime Complaint Center at www.ic3.gov. Your report helps law enforcement identify and stop ongoing criminal schemes.
  • Beware further scams – Once scammers have your info, they will likely try again. Ignore any additional emails as they may be fraudulent. Don’t send money or additional sensitive data.

Moving forward, exercise caution with any correspondence requesting your personal or financial information. Get in the habit of verifying senders and offers before responding. If you have any doubts, contact the organization directly using official channels, not the contact info in the questionable email.

Frequently Asked Questions

For more on how to identify and avoid the “EU Business Register” scam, read on for answers to some commonly asked questions:

Is the EU Business Register real?

No, there is no official “EU Business Register” registry or database. The entity is completely fabricated by scammers to defraud businesses.

Do companies need to register with the EU annually?

No, there is no registration requirement with the European Union that needs to be renewed each year. Any email claiming so is a scam attempt.

Why do they ask for so much personal information?

By gathering extensive personal and financial information, scammers can steal identities, commit fraud, or sell the data online. Never provide such info in response to an unsolicited email.

What’s the end goal of this scam?

The scammers ultimately want to profit off victims’ information. They may directly steal money with access to bank accounts or make money selling the data on the black market.

Will the scammers follow-up asking for money?

In many cases, yes. The initial information request is step one. The scammers will follow-up saying there is a “registration fee” that must be paid to process submissions. This is another attempt to steal money.

What government agency regulates EU business registrations?

There is no single EU agency that handles business registrations. Requirements vary by country. Scammers exploit this fact to seem legitimate.

Are the scammers really located in the Netherlands?

No, the Netherlands addresses are fake. The scammers use proxy email and domain services to hide their true locations, which are likely overseas.

What happens if I submitted my information already?

Immediately contact your bank, place fraud alerts, monitor your credit, and change online account passwords. File complaints with the FTC and FBI to help prevent further harm.

How can I report this scam?

Forward the email to the FTC at spam@uce.gov. You can also file a complaint at www.ftc.gov/complaint. Reporting the scam helps authorities in their investigations.

How can I protect myself from future scams?

Always manually type in official website URLs rather than clicking links or call companies directly using publicly available contact information to verify questionable emails. Enable two-factor authentication on your accounts and be wary of any requests for personal data.

The Bottom Line

The fraudulent “EU Business Register 2023/2024” email is a phishing scam aimed at stealing identities and money. Never respond to unsolicited messages requesting sensitive information. There is no real EU registration requirement that companies need to renew each year.

Be vigilant and take steps to protect yourself from these types of scams moving forward. Report any suspicious correspondence to help authorities stop cybercriminals in their tracks. With caution and awareness, you can avoid becoming the victim of phishing cons like this.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.