Have you received an email claiming to come from the Better Business Bureau (BBB) today? If you did, be careful: the emails don’t really originate from the BBB. Instead, they have been spammed out widely across the internet by cybercriminals hoping that you will be tricked into opening the malicious attachment.
The emails, which have the subject line “Re: Information from BBB”, read as follows:
Here with the better Business Bureau notifies you that we have received a complaint (ID [random number]) from one of your customers with respect to their dealership with you.
Please open the attached Compliant Report below to obtain more information on this matter and let us know of you point of view as soon as possible.
We are looking forward to your prompt reply.
Better Business Bureau
If you received an email like that at your business address, you might very well be concerned that you have an unhappy customer and open the attachment (which has a filename of Better_Business_Bureau_Complaint-Report-[random number].zip).
Unfortunately, you’ll not be winning an award for good customer service by responding to the complaint – instead you’ll be unwittingly infecting your Windows computer with malware.
Sophos detects the malicious code contained within the attached file as Troj/Bredo-RK.
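For mail administrators, the subject line and attachment name described above can be turned into a simple triage check. The following is an added example, not code from Sophos or from the original article; it assumes the "[random number]" in the filename is a run of decimal digits, and the function names and sample messages are constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Indicators taken from the article: the subject line and the attachment name.
SUBJECT = "re: information from bbb"
# Assumption: "[random number]" is one or more decimal digits.
ATTACHMENT_RE = re.compile(
    r"^Better_Business_Bureau_Complaint-Report-\d+\.zip$", re.IGNORECASE
)


def bbb_lure_indicators(raw: bytes) -> list[str]:
    """Return which of the article's indicators a raw RFC 5322 message matches."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    # Collapse folded or repeated whitespace before comparing the subject.
    subject = " ".join(str(msg.get("Subject", "")).split()).lower()
    if subject == SUBJECT:
        hits.append("subject")
    # Only the attachment name is inspected; the archive is never opened.
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip()
        if ATTACHMENT_RE.match(name):
            hits.append("attachment:" + name)
    return hits


def build_sample(subject: str, filename: str) -> bytes:
    """Constructed test message; the attachment body is harmless placeholder bytes."""
    m = EmailMessage()
    m["From"] = "sender@example.invalid"
    m["To"] = "owner@example.invalid"
    m["Subject"] = subject
    m.set_content("Constructed sample body.")
    m.add_attachment(b"placeholder", maintype="application",
                     subtype="zip", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    lure = build_sample("Re: Information from BBB",
                        "Better_Business_Bureau_Complaint-Report-12345.zip")
    benign = build_sample("Quarterly invoice", "invoice.zip")
    for label, raw in (("lure", lure), ("benign", benign)):
        print(label, bbb_lure_indicators(raw))
```

A match on both indicators is a strong reason to quarantine the message; a match on the subject alone is weaker, since the attackers can change the filename between spam runs.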