Better Business Bureau malware attack spammed out

Filed Under: Featured, Malware, Spam

BBB malware attack spammed outHave you received an email claiming to come from the Better Business Bureau (BBB) today? If you did, be careful.

Because the emails don't really originate from the BBB. Instead, they have been spammed out widely across the internet by cybercriminals hoping that you will be tricked into opening the malicious attachment.

The emails, which have the subject line "Re: Information from BBB", read as follows:

Here with the better Business Bureau notifies you that we have received a complaint (ID [random number]) from one of your customers with respect to their dealership with you.

Please open the attached Compliant Report below to obtain more information on this matter and let us know of you point of view as soon as possible.

We are looking forward to your prompt reply.
Better Business Bureau

Better Business Bureau malware attack

If you received an email like that at your business address you might very well be concerned that you have an unhappy customer and open the attachment (which has a filename of Better_Business_Bureau_Complaint-Report-[random number].zip).

Unfortunately, you'll not be winning an award for good customer service by responding to the complaint - instead you'll be unwittingly infecting your Windows computer with malware.

Sophos detects the malicious code contained within the attached file as Troj/Bredo-RK.

, , ,

You might like

13 Responses to Better Business Bureau malware attack spammed out

  1. Bobby · 1338 days ago

    I got this a couple weeks ago and was surprised at how authentic it seemed but you can tell that it's malicious

  2. GR Umpy · 1338 days ago

    This is hardly news - we've been receiving dozens of these every day for months.

  3. MorrisNTex · 1338 days ago

    At the office we use a SPAM filtering service and I try to clean these filters out once a week. I have been seeing these BBB phishing attempts somewhere between 4 to 6 months now. They have greatly increased in volume within the last month though.

  4. Morphius · 1338 days ago

    These have been coming out for a few weeks now, along with the sharp uptake in spam we have been noticing over the past 48hrs!

  5. Robert Witham · 1338 days ago

    I received something similar on my work account last week. I deleted it immediately. The grammar in this particular e-mail would have caused me to laugh too hard to take it seriously. Further, I cannot imagine opening a zip file attached to an unsolicited e-mail.

    As always, thanks for keeping us informed about this crud though.

  6. Debbie Smith · 1338 days ago


    Thank you for this post! I did receive a email today exactly like the one you give an example of. Did not try to respond.

    Thank you for being on top of this becaue I was concerned my business had received a complaint.


    Debbie Smith

  7. Sharpear · 1338 days ago

    This didn't start today, it's been around for some time, although it looks like they changed the format around. I got loads of these, but two things to notice. It does not mention the company that the complaint was against. The emails are BC and the original receiptient is not even a part of the company directory list.

    2nd The emails I get from the BBB are not even located in the same state. Which each state deals only with the businesses in their states.

    I even get these randomly to my personal email, and laugh because how can the BBB contact me about a complaint when I am not even a company.

    I think if these are reported on, they should go into detail about the malware and how it affects the system, and removal process. Would be much better article to read, than the 2 min write up.

  8. Dan · 1338 days ago

    Anything that is actually from the BBB may as well be considered useless anyways. They're not exactly what you could call a trustworthy organization. The only way a business can get their best rating is to pay them to become "accredited," and once they've been paid it seems that customer complaints become useless.

  9. mike · 1338 days ago

    Another great example of great egrish skills these scammers. I find reading the emails entertaining!
    Oh, and I always get the uniform ticket scam mail from (NYC) 1. I don't own a car, 2. never been to new york, and 3. you'd never get a ticket by email ( how the hell would the police know your email address! )

  10. Pam · 1338 days ago

    Dear !
    thank you
    We mite drop our guard a bit when spammers get there grammer and spellin rite!!

  11. Mark · 1338 days ago

    If these guys ever learn how to spell english words correctly , we're in trouble. Just sayin'

  12. Barbara · 1338 days ago

    I received a bogus-looking BBB email today; I didn't touch it, but because my husband and I run a small business, there was a very tiny bit of concern about it. Before I would open anything suspicious of this nature (we're Mac users so viruses aren't the problem, but future spamming is), I decided to Google the real BBB and attach the phishy-looking email to make sure they knew about it - and as a result, I found your site - which is terrific and informative (you commented today - 4 hours ago - on this very issue). I'm very impressed; so this malware/phishing attempt by evil emailers turned out to be a good thing for me. First, I'm going to bookmark your site; then, I'm going back to my email to hit "delete." Thanks!

  13. Wonder Much · 988 days ago

    The BBB had their email servers hacked in the summer of 2012.and as a result all of their customers had their emails stolen. The phishing attacks are targeted. The BBB swept the attack under the rug instead of reporting it to their members.

    The emails of 115 BBB offices were hacked including the Canadian BBB. I have an email from the BBB to that effect which they only admitted to after I told them I could prove their email was compromised. The mainstream press seems to not be interested in the fact that the Better Business Bureau practices poor business practices when it comes to their members.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley