Thursday, August 30, 2007

Fake e-mail from the BBB stating someone complained about you is a scam!

If you get an e-mail from the Better Business Bureau stating that a complaint has been made against you - it might be a good idea to just delete it.

Websense is reporting:

Websense® Security Labs™ has received reports of a new email spam variant similar to an attack launched early this year. The spoofed email purports to be from the Better Business Bureau (BBB). The message claims that a complaint has been filed against the recipient's company. Attached to the message is a Microsoft Word document (Document_for_Case.doc), supposedly containing additional details regarding the complaint. The Word document actually contains a Trojan Downloader that, when opened, attempts to download and install a keylogger. This keylogger uploads stolen data to an IP address in Malaysia.

Keyloggers record the keystokes on a computer and then send them back to the crooks, who installed them.

They are normally interested in your password information, especially if it gives them access to personal financial data. That way they can rob you blind.

In case, you just have to know, whether or not, you've received a complaint at the Better Business Bureau, it might be a good idea to contact them independently to inquire into it.

Their website is here.

The best way to avoid becoming compromised is to have updated security software protecting your system and even better yet -- avoid clicking, or even opening unsolicited e-mails no matter, who they claim to be from!

Websense alert (with screenshots), here.

1 comment:

drapetomaniac said...

The BBB posts online complaint information in a way that is easily harvested from the internet

http://drapetomaniacs.com/articles/2007/09/30/bbb-leaks-consumer-and-business-data">BBB Leaks data