The EU Business Register 2023/2024 Scam Email [Explained]

The so-called “EU Business Register 2023/2024” email that has been circulating is a scam designed to steal money and personal information from businesses and individuals. This fraudulent email claims recipients can register their company in something called the “EU Business Register 2023/2024” by completing and submitting an attached form.

Do not respond to this email or provide any personal information. The entire thing is an elaborate phishing scam orchestrated by cybercriminals. Keep reading to learn more about how this scam works, what you should do if you received the email, and steps to protect yourself moving forward.

Scam Overview

The scam email claims to be from the “EU Business Register 2023/2024” and uses the email address register@db-register2023.net. The message states that to insert your company in the “EU Business Register for 2023/2024,” you simply need to complete the attached PDF form and return it.

However, there is no such thing as the “EU Business Register” or a 2023/2024 registration period. This is a completely fictitious entity fabricated by scammers to fool potential victims. Their aim is to collect sensitive information and money from recipients who fall for the con.

The email includes an attachment labeled “EBR-form.pdf” that asks for extensive personal and financial information. If you complete and return this form, you are handing over valuable data like your name, company details, bank account information, and more.

Armed with this information, scammers can steal your money and identity or sell your details on the dark web. The end goal is to profit off your data in whatever way they can.

How the Scam Works

The criminals behind the “EU Business Register” scam rely on a variety of deceptive tactics to make their email look convincing and trick recipients into handing over valuable personal data. They use urgency, impersonation, malicious attachments, and follow-up requests for money to carry out their scheme.

Creating a False Sense of Urgency

A key element of the scam is establishing a false sense of urgency to pressure potential victims into responding quickly. The email states that businesses must submit their information for the “2023/2024 registration period” to remain in compliance. This makes it seem like there is a short deadline to take action.

In reality, there is no EU Business Register and no registration requirement. But the scammers bank on recipients not taking the time to realize this and instead rushing to submit their details due to fear of missing a crucial deadline.

Impersonating a Legitimate Government Entity

The email is made to look like official correspondence from the “EU Business Register.” The logo, branding, office addresses, and other details are fabricated to mimic a real governmental body.

For those unfamiliar with actual EU administrative agencies, this veneer of authority lends credibility to the message. Businesses may mistakenly think this is a mandatory registration request from a genuine regulatory organization.

Attaching Malicious PDF Forms

Rather than asking for sensitive information directly in the email, the scammers attach a PDF form labeled “EBR-form.pdf.” This requests information like names, business registration numbers, addresses, phone numbers, bank account and routing numbers, etc.

The extensive personal and financial data being sought should raise red flags. But the scammers know attaching a professional-looking form makes the process seem standardized and normal.

Following Up Asking for Money

In many cases, the information request is just step one. After recipients submit the completed PDF, the scammers will follow up claiming there is a registration “processing fee” that must also be paid.

They provide wire transfer details or request gift card numbers to collect this money. This follows the same pattern phone and tech support scams use to extract payments after gaining remote access.

Obscuring Their True Locations

The scammers hide behind proxy email addresses and offshore hosting to mask their true locations and identities. While the emails claim to come from the Netherlands, the criminal operators likely reside in entirely different countries.

This geographic separation and technical obfuscation makes the scammers difficult to track down for authorities. They can rotate email accounts and domains to further slow investigations.

By combining urgency, impersonation, official-looking forms, and requests for money, the scammers aim to fully dupe each target. What may seem like a legitimate registration request is actually an elaborate con designed to steal identities and turn a profit.

What to Do If You Responded to the Email

If you already responded to the “EU Business Register” email and submitted any personal information, take the following steps right away:

Contact your bank – If you shared financial account details, call your bank immediately and explain the situation. They can monitor your accounts for suspicious activity and may issue new account numbers.
Change online account passwords – Scammers could use your personal info to break into your online accounts. Reset the passwords on all your online accounts as a precaution.
Place fraud alert – Contact one of the three major credit bureaus (Experian, Equifax, TransUnion) and place a fraud alert on your name and Social Security number. This makes it harder for criminals to open new accounts in your name.
Monitor your credit reports – Order a free copy of your credit report from each bureau and review it closely for any accounts you don’t recognize. Check it every few months for signs of fraudulent activity.
File an FTC complaint – Report the scam to the Federal Trade Commission so they can investigate the criminals behind it.
Report to IC3 – File a complaint with the FBI’s Internet Crime Complaint Center at www.ic3.gov. Your report helps law enforcement identify and stop ongoing criminal schemes.
Beware further scams – Once scammers have your info, they will likely try again. Ignore any additional emails as they may be fraudulent. Don’t send money or additional sensitive data.

Moving forward, exercise caution with any correspondence requesting your personal or financial information. Get in the habit of verifying senders and offers before responding. If you have any doubts, contact the organization directly using official channels, not the contact info in the questionable email.

Frequently Asked Questions

For more on how to identify and avoid the “EU Business Register” scam, read on for answers to some commonly asked questions:

Is the EU Business Register real?

No, there is no official “EU Business Register” registry or database. The entity is completely fabricated by scammers to defraud businesses.

Do companies need to register with the EU annually?

No, there is no registration requirement with the European Union that needs to be renewed each year. Any email claiming so is a scam attempt.

Why do they ask for so much personal information?

By gathering extensive personal and financial information, scammers can steal identities, commit fraud, or sell the data online. Never provide such info in response to an unsolicited email.

What’s the end goal of this scam?

The scammers ultimately want to profit off victims’ information. They may directly steal money with access to bank accounts or make money selling the data on the black market.

Will the scammers follow-up asking for money?

In many cases, yes. The initial information request is step one. The scammers will follow-up saying there is a “registration fee” that must be paid to process submissions. This is another attempt to steal money.

What government agency regulates EU business registrations?

There is no single EU agency that handles business registrations. Requirements vary by country. Scammers exploit this fact to seem legitimate.

Are the scammers really located in the Netherlands?

No, the Netherlands addresses are fake. The scammers use proxy email and domain services to hide their true locations, which are likely overseas.

What happens if I submitted my information already?

Immediately contact your bank, place fraud alerts, monitor your credit, and change online account passwords. File complaints with the FTC and FBI to help prevent further harm.

How can I report this scam?

Forward the email to the FTC at spam@uce.gov. You can also file a complaint at www.ftc.gov/complaint. Reporting the scam helps authorities in their investigations.

How can I protect myself from future scams?

Always manually type in official website URLs rather than clicking links or call companies directly using publicly available contact information to verify questionable emails. Enable two-factor authentication on your accounts and be wary of any requests for personal data.

The Bottom Line

The fraudulent “EU Business Register 2023/2024” email is a phishing scam aimed at stealing identities and money. Never respond to unsolicited messages requesting sensitive information. There is no real EU registration requirement that companies need to renew each year.

Be vigilant and take steps to protect yourself from these types of scams moving forward. Report any suspicious correspondence to help authorities stop cybercriminals in their tracks. With caution and awareness, you can avoid becoming the victim of phishing cons like this.

10 Rules to Avoid Online Scams

Here are 10 practical safety rules to help you avoid malware, online shopping scams, crypto scams, and other online fraud. Each tip includes a quick “if you already got hit” action.

Stop and verify before you click, log in, download, or pay.

Most scams win by creating urgency. Verify using a trusted method: type the website address yourself, use the official app, or call a known number (not the one in the message).

If you already clicked: close the page, do not enter passwords, and run a malware scan.
Keep your operating system, browser, and apps updated.

Updates patch security holes used by malware and malicious ads. Turn on automatic updates where possible.

If you saw a scary “update now” pop-up: close it and update only through your device settings or the official app store.
Use layered protection: antivirus plus an ad blocker.

Antivirus helps block malware. An ad blocker reduces scam redirects, phishing pages, and malvertising.

If your browser is acting weird: remove unknown extensions, reset the browser, then run a full scan.
Install apps, software, and extensions only from official sources.

Avoid cracked software, “keygens,” and random downloads. During installs, choose Custom/Advanced and decline bundled offers you do not recognize.

If you already installed something suspicious: uninstall it, restart, and scan again.
Treat links and attachments as untrusted by default.

Phishing often impersonates delivery services, banks, and popular brands. If it is unexpected, do not open attachments or log in through the message.

If you entered credentials: change the password immediately and enable 2FA.
Shop safely: research the store, then pay with protection.

Be cautious with brand-new stores, “closing sale” stories, and prices that make no sense. Prefer credit cards or PayPal for dispute options. Avoid wire transfers, gift cards, and crypto payments.

If you already paid: contact your card issuer or PayPal quickly to dispute the transaction.
Crypto rule: never pay a “fee” to withdraw or recover money.

Common patterns include fake profits, then “tax,” “gas,” or “verification” fees. Another is a “recovery agent” who demands upfront crypto.

If you already sent crypto: stop paying, save evidence (wallet addresses, TXIDs, chats), and report the scam to the platform used.
Secure your accounts with unique passwords and 2FA (start with email).

Use a password manager and unique passwords for every account. Enable 2FA using an authenticator app when possible.

If you suspect an account takeover: change passwords, sign out of all devices, and review recent logins and recovery settings.
Back up important files and keep one backup offline.

Backups protect you from ransomware and device failure. Keep at least one backup on an external drive that is not always connected.

If you suspect infection: do not connect backup drives until the system is clean.
If you think you are a victim: stop losses, document evidence, and escalate fast.

Move quickly. Speed matters for disputes, account recovery, and limiting damage.
- Stop payments and contact: do not send more money or respond to the scammer.
- Call your bank or card issuer: block transactions, replace the card if needed, and start a dispute or chargeback.
- Secure your email first: change the email password, enable 2FA, and remove unfamiliar recovery options.
- Secure other accounts: change passwords, enable 2FA, and log out of all sessions.
- Scan your device: remove suspicious apps or extensions, then run a full malware scan.
- Save evidence: screenshots, emails, order pages, tracking pages, wallet addresses, TXIDs, and chat logs.
- Report it: to the payment provider, marketplace, social platform, exchange, or wallet service involved.

These rules are intentionally simple. Most online losses happen when decisions are rushed. Slow down, verify independently, and use payment methods and account controls that give you recourse.