Home / mailingsPDF  

WSLabs, Malicious Web site / Malicious Code: Better Business Bureau Scam

Posted on 24 May 2007
Websense Security Lab

Websense(R) Security Labs(TM) has received reports of a new email spam variant similar to an attack launched early this year. The spoofed email purports to be from the Better Business Bureau (BBB). The message claims that a complaint has been filed against the recipient's company. Attached to the message is a Microsoft Word document (Document_for_Case.doc), supposedly containing additional details regarding the complaint. The Word document actually contains a Trojan Downloader that, when opened, attempts to download and install a keylogger. This keylogger uploads stolen data to an IP address in Malaysia.

Sample Email Body:

From: Better Business Bureaus [mailto:operations@bbb.org]
Sent: Wednesday, May 23, 2007 7:39 PM
Subject: Complaint Case Number XXXXXXXXXX

Dear Mr./Mrs. XXXXXXXXXX XXXXXXXXXX

You have received a complaint in regards to your business services. The complaint was filled by Mr. Mark Williams on 5/21/2007

Complaint Case Number: XXXXXXXXXX
Complaint Made by Consumer Mr. Mark Williams
Complaint Registered Against: XXXXXXXXXX
Date: 5/21/2007
Instructions on how to resolve this complaint as well as a copy of the original complaint are attached to this email.

Disputes involving consumer products and/or services may be arbitrated. Unless they directly relate to the contract that is the basis of this dispute, the following claims will be considered for arbitration only if all parties agree in writing that the arbitrator may consider them:
- Claims based on product liability;
- Claims for personal injuries;
- Claims that have been resolved by a previous court action, arbitration, or written agreement between the parties.
The decision as to whether your dispute or any part of it can be arbitrated rests solely with the BBB.

The BBB offers its members a binding arbitration service for disputes involving marketplace transactions. Arbitration is a convenient, civilized way to settle disputes quickly and fairly, without the costs associated with other legal options.

(C) 2003 Council of Better Business Bureaus, Inc. All Rights Reserved.

Original BBB Alert: http://orwwa.bbb.org/release.html?value=61

For additional details and information on how to detect and prevent this type of attack:
http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=777

 

TOP

Mailings :

Exploits :