Websense is reporting:
Websense® Security Labs™ has received reports of a new email spam variant similar to an attack launched early this year. The spoofed email purports to be from the Better Business Bureau (BBB). The message claims that a complaint has been filed against the recipient's company. Attached to the message is a Microsoft Word document (Document_for_Case.doc), supposedly containing additional details regarding the complaint. The Word document actually contains a Trojan Downloader that, when opened, attempts to download and install a keylogger. This keylogger uploads stolen data to an IP address in Malaysia.
Keyloggers record the keystokes on a computer and then send them back to the crooks, who installed them.
They are normally interested in your password information, especially if it gives them access to personal financial data. That way they can rob you blind.
In case, you just have to know, whether or not, you've received a complaint at the Better Business Bureau, it might be a good idea to contact them independently to inquire into it.
Their website is here.
The best way to avoid becoming compromised is to have updated security software protecting your system and even better yet -- avoid clicking, or even opening unsolicited e-mails no matter, who they claim to be from!
Websense alert (with screenshots), here.
1 comment:
The BBB posts online complaint information in a way that is easily harvested from the internet
http://drapetomaniacs.com/articles/2007/09/30/bbb-leaks-consumer-and-business-data">BBB Leaks data
Post a Comment