December 21, 2011Fake BBB Malware Lure
Today's lunchtime inbox morsel is a message aimed at the industrious small business worker/owner who tries to keep the company's customer reputation in first-class condition. The message claims to represent the Better Business Bureau, who has supposedly received a complaint from a customer.
Subject: Your customers concern
Better Business Bureau®
Start With Trust®
RE: Case # 58871023
The Better Business Bureau has got the above-referenced complaint from one of your customers regarding their dealings with you.
The details of the consumer's concern are explained in attached file.
Please give attention to this case and notify us of your opinion.
We encourage you to open the ATTACHED REPORT to answer this complaint.
We look forward to your urgent reply.
Better Business Bureau
© 2011 Council of Better Business Bureaus
In addition to the many grammatical errors in the message, the forged headers of this message are a mess. The From: field shows an address from a legitimate web site domain — not the BBB; the To: field is addressed to someone at cya.ca.gov (the California Youth Authority). Now I'd wager that some of the CYA's "customers" complain, but not through the BBB.
Although the action item of the message indicates that the complaint is in an attached file, instead there is a link to a hijacked web site. The offending page had been taken down by the site's owner (Way to go!), so I don't know if the page contained the main.php iframe or script download technique. Poker professionals will tell you that if you are bluffing, the story you're representing has to be solid so your opponent(s) can believe your bull. This one fails miserably.
I truly don't care where the links lead. I'd rather recipients be aware that this message — or any message that attempts to get the recipient all riled up and click-happy — is phony and potentially dangerous if they click the link.Posted on December 21, 2011 at 04:05 PM