Last updated: September 26, 2012
First published: September 26, 2012
Article written by Brett M. Christensen
Subject: BBB Case #8629393
Dear business owner, we have received a complaint about your company possible involvement in check cashing and Money Order Scam.
You are asked to provide response to this complaint within 7 days.
Failure to provide the necessary information will result in downgrading your Better Business Bureau rating and possible cancellation of your BBB accreditation status.
According to this email the Better Business Bureau (BBB) has received a complaint about the recipient's business practices. The complaint suggests that the recipient's business may be involved in a check and money order scam. The recipient is advised to respond to the complaint by clicking a link in the email. The message also warns that if the recipient does not provide a response within 7 days, his or her BBB accreditation status may be cancelled. The message comes complete with BBB logos and formatting.
However, the message is not from the Better Business Bureau and the supposed complaint has no validity whatsoever. In fact, the message is an attempt by online criminals to trick people into downloading and installing malware. The message contrives to panic business owners into clicking the link without due forethought in the mistaken belief that their reputation may be damaged by a false complaint.
Those who are taken in by the ruse and click the "complaint" link will be taken to a webpage that displays a "Please wait, page loading" message like the one shown on the right.
The page will then automatically redirect to a compromised website that harbours malware. Once installed, such malware can download and install further malware components, collect sensitive information from the compromised computers and communicate with remote servers operated by online criminals. The compromised website used in this version appears to hold a copy of the infamous Blackhole Exploit Kit, a collection of malware that can exploit various vulnerabilities on the targeted computer.
The Better Business Bureau's name and logo have been misused repeatedly in similar malware messages in recent months. As with this version, most of the malware messages claim that a complaint has been leveled against the recipient. Some versions urge recipients to open an attached file rather than click a link. Both links and attachments in the bogus emails can install malware.
The BBB has published information about these scams on its website. If you receive one of these messages, do not click on any links or open any attachments that it contains. If you are in doubt as to the veracity of a complaint, contact your local BBB directly.
Emails “BBB Complaint activity report” is an email security risk
BBB assistance malware attack strikes again
New Phishing Scam Hurts Small Businesses