The so-called “EU Business Register 2023/2024” email that has been circulating is a scam designed to steal money and personal information from businesses and individuals. This fraudulent email claims recipients can register their company in something called the “EU Business Register 2023/2024” by completing and submitting an attached form.
Do not respond to this email or provide any personal information. The entire thing is an elaborate phishing scam orchestrated by cybercriminals. Keep reading to learn more about how this scam works, what you should do if you received the email, and steps to protect yourself moving forward.
Scam Overview
The scam email claims to be from the “EU Business Register 2023/2024” and uses the email address register@db-register2023.net. The message states that to insert your company in the “EU Business Register for 2023/2024,” you simply need to complete the attached PDF form and return it.
However, there is no such thing as the “EU Business Register” or a 2023/2024 registration period. This is a completely fictitious entity fabricated by scammers to fool potential victims. Their aim is to collect sensitive information and money from recipients who fall for the con.
The email includes an attachment labeled “EBR-form.pdf” that asks for extensive personal and financial information. If you complete and return this form, you are handing over valuable data like your name, company details, bank account information, and more.
Armed with this information, scammers can steal your money and identity or sell your details on the dark web. The end goal is to profit off your data in whatever way they can.
How the Scam Works
The criminals behind the “EU Business Register” scam rely on a variety of deceptive tactics to make their email look convincing and trick recipients into handing over valuable personal data. They use urgency, impersonation, malicious attachments, and follow-up requests for money to carry out their scheme.
Creating a False Sense of Urgency
A key element of the scam is establishing a false sense of urgency to pressure potential victims into responding quickly. The email states that businesses must submit their information for the “2023/2024 registration period” to remain in compliance. This makes it seem like there is a short deadline to take action.
In reality, there is no EU Business Register and no registration requirement. But the scammers bank on recipients not taking the time to realize this and instead rushing to submit their details due to fear of missing a crucial deadline.
Impersonating a Legitimate Government Entity
The email is made to look like official correspondence from the “EU Business Register.” The logo, branding, office addresses, and other details are fabricated to mimic a real governmental body.
For those unfamiliar with actual EU administrative agencies, this veneer of authority lends credibility to the message. Businesses may mistakenly think this is a mandatory registration request from a genuine regulatory organization.
Attaching Malicious PDF Forms
Rather than asking for sensitive information directly in the email, the scammers attach a PDF form labeled “EBR-form.pdf.” This requests information like names, business registration numbers, addresses, phone numbers, bank account and routing numbers, etc.
The extensive personal and financial data being sought should raise red flags. But the scammers know attaching a professional-looking form makes the process seem standardized and normal.
Following Up Asking for Money
In many cases, the information request is just step one. After recipients submit the completed PDF, the scammers will follow up claiming there is a registration “processing fee” that must also be paid.
They provide wire transfer details or request gift card numbers to collect this money. This follows the same pattern phone and tech support scams use to extract payments after gaining remote access.
Obscuring Their True Locations
The scammers hide behind proxy email addresses and offshore hosting to mask their true locations and identities. While the emails claim to come from the Netherlands, the criminal operators likely reside in entirely different countries.
This geographic separation and technical obfuscation makes the scammers difficult to track down for authorities. They can rotate email accounts and domains to further slow investigations.
By combining urgency, impersonation, official-looking forms, and requests for money, the scammers aim to fully dupe each target. What may seem like a legitimate registration request is actually an elaborate con designed to steal identities and turn a profit.
What to Do If You Responded to the Email
If you already responded to the “EU Business Register” email and submitted any personal information, take the following steps right away:
- Contact your bank – If you shared financial account details, call your bank immediately and explain the situation. They can monitor your accounts for suspicious activity and may issue new account numbers.
- Change online account passwords – Scammers could use your personal info to break into your online accounts. Reset the passwords on all your online accounts as a precaution.
- Place fraud alert – Contact one of the three major credit bureaus (Experian, Equifax, TransUnion) and place a fraud alert on your name and Social Security number. This makes it harder for criminals to open new accounts in your name.
- Monitor your credit reports – Order a free copy of your credit report from each bureau and review it closely for any accounts you don’t recognize. Check it every few months for signs of fraudulent activity.
- File an FTC complaint – Report the scam to the Federal Trade Commission so they can investigate the criminals behind it.
- Report to IC3 – File a complaint with the FBI’s Internet Crime Complaint Center at www.ic3.gov. Your report helps law enforcement identify and stop ongoing criminal schemes.
- Beware further scams – Once scammers have your info, they will likely try again. Ignore any additional emails as they may be fraudulent. Don’t send money or additional sensitive data.
Moving forward, exercise caution with any correspondence requesting your personal or financial information. Get in the habit of verifying senders and offers before responding. If you have any doubts, contact the organization directly using official channels, not the contact info in the questionable email.
Frequently Asked Questions
For more on how to identify and avoid the “EU Business Register” scam, read on for answers to some commonly asked questions:
Is the EU Business Register real?
No, there is no official “EU Business Register” registry or database. The entity is completely fabricated by scammers to defraud businesses.
Do companies need to register with the EU annually?
No, there is no registration requirement with the European Union that needs to be renewed each year. Any email claiming so is a scam attempt.
Why do they ask for so much personal information?
By gathering extensive personal and financial information, scammers can steal identities, commit fraud, or sell the data online. Never provide such info in response to an unsolicited email.
What’s the end goal of this scam?
The scammers ultimately want to profit off victims’ information. They may directly steal money with access to bank accounts or make money selling the data on the black market.
Will the scammers follow-up asking for money?
In many cases, yes. The initial information request is step one. The scammers will follow-up saying there is a “registration fee” that must be paid to process submissions. This is another attempt to steal money.
What government agency regulates EU business registrations?
There is no single EU agency that handles business registrations. Requirements vary by country. Scammers exploit this fact to seem legitimate.
Are the scammers really located in the Netherlands?
No, the Netherlands addresses are fake. The scammers use proxy email and domain services to hide their true locations, which are likely overseas.
What happens if I submitted my information already?
Immediately contact your bank, place fraud alerts, monitor your credit, and change online account passwords. File complaints with the FTC and FBI to help prevent further harm.
How can I report this scam?
Forward the email to the FTC at spam@uce.gov. You can also file a complaint at www.ftc.gov/complaint. Reporting the scam helps authorities in their investigations.
How can I protect myself from future scams?
Always manually type in official website URLs rather than clicking links or call companies directly using publicly available contact information to verify questionable emails. Enable two-factor authentication on your accounts and be wary of any requests for personal data.
The Bottom Line
The fraudulent “EU Business Register 2023/2024” email is a phishing scam aimed at stealing identities and money. Never respond to unsolicited messages requesting sensitive information. There is no real EU registration requirement that companies need to renew each year.
Be vigilant and take steps to protect yourself from these types of scams moving forward. Report any suspicious correspondence to help authorities stop cybercriminals in their tracks. With caution and awareness, you can avoid becoming the victim of phishing cons like this.