Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 140 - October 2012 (1st Edition) - Page 6

Better Business Bureau 'Complaint Received' Malware Emails

Issue 140 Start Menu

Previous Article            Next Article

Outline
Email purporting to be from the Better Business Bureau claims that a complaint has been received about the recipient. The recipient is advised to click a link and provide a response or risk cancellation of BBB accreditation status.



Brief Analysis
The email is not from the Better Business Bureau. The link in the message opens a website that harbours malware. Several variations of these malware emails have been distributed in recent months. If you receive an unsolicited email claiming to be from the BBB about a supposed customer complaint, do not click any links or open any attachments that it may contain.

Bookmark and Share
Detailed analysis and references below example.





Last updated: September 26, 2012
First published: September 26, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example

Subject: BBB Case #8629393


Dear business owner, we have received a complaint about your company possible involvement in check cashing and Money Order Scam.

You are asked to provide response to this complaint within 7 days.

Failure to provide the necessary information will result in downgrading your Better Business Bureau rating and possible cancellation of your BBB accreditation status.

Better Business Bureau Malware Email




Detailed Analysis

Wait Page Loading Malware

According to this email the Better Business Bureau (BBB) has received a complaint about the recipient's business practices. The complaint suggests that the recipient's business may be involved in a check and money order scam. The recipient is advised to respond to the complaint by clicking a link in the email. The message also warns that if the recipient does not provide a response within 7 days, his or her BBB accreditation status may be cancelled. The message comes complete with BBB logos and formatting.

However, the message is not from the Better Business Bureau and the supposed complaint has no validity whatsoever. In fact, the message is an attempt by online criminals to trick people into downloading and installing malware. The message contrives to panic business owners into clicking the link without due forethought in the mistaken belief that their reputation may be damaged by a false complaint.

Those who are taken in by the ruse and click the "complaint" link will be taken to a webpage that displays a "Please wait, page loading" message like the one shown on the right. The page will then automatically redirect to a compromised website that harbours malware. Once installed, such malware can download and install further malware components, collect sensitive information from the compromised computers and communicate with remote servers operated by online criminals. This version appears to hold a copy of the infamous Blackhole Exploit Kit, a collection of malware that can exploit various vulnerabilities on the targeted computer.

The Better Business Bureau's name and logo has been misused repeatedly in similar malware messages in recent months. As with this version, most of the malware messages claim that a complaint has been leveled against the recipient. Some versions urge recipients to open an attached file rather than click a link. Both links and attachments in the bogus emails can install malware.

The BBB has published information about these scams on its website. If you receive one of these messages, do not click on any links or open any attachments that it contains. If you are in doubt as to the veracity of a complaint, contact your local BBB directly.

Bookmark and Share

References

Emails “BBB Complaint activity report” is an email security risk
BBB assistance malware attack strikes again
New Phishing Scam Hurts Small Businesses


Previous Article            Next Article

Issue 140 Start Menu

Pages in this issue:
  1. Miley Cyrus 'Sex Tape' Facebook Scam
  2. AT&T 'Account Limit Exceeded' Phishing Scam
  3. Visa - Mastercard 'Security Incident' Phishing Scam
  4. 'Letter from Barack Obama' Advance Fee Scam
  5. 'Blue Tiger' Picture on Facebook
  6. Better Business Bureau 'Complaint Received' Malware Emails
  7. Facebook Survey Scam - Free £100 ASDA Voucher
  8. Windows Email Security Update Phishing Scam
  9. Gmail 'Free Apple iPad Reward' Survey Scam
  10. 'Personal Assistant' Money Laundering Scam