The Better Business Bureau Trojan Horse

With the fake Better Business Bureau Trojan Horse campaign, we find yet another infectious email that is socially engineered so well, that users often release such messages from quarantine; even after spam filtering has clearly identified the emails as a Virus carrying Trojan Horse.

The emails typically arrive with spoofed headers such as:

Subject:     FW: Complaint Case 091921
From:     “Better Business Bureau” <Kerri_Rucker@newyork.bbb.org>

In order to appear legitimate and to try and evade simple spam filtering systems, the Complaint Case number will be randomized, and the spoofed sending email address will vary as well.

The content will include vague yet serious sounding allegations, such as:

The Better Business Bureau has received the above-referenced complaint from one of your customers regarding their dealings with you. The details of the consumer’s concern are included on the reverse. Please review this matter and advise us of your position.

A full copy of such the bogus email:

BBB Trojan Horse Virus

BBB Trojan Horse Virus

 

The key component, from the spammer/hacker’s perspective is the sentence that directs the recipient to take action; which is to convince the recipient to open and run the attached virus embedded as a Trojan Horse.

We encourage you to print this complaint (attached file), answer the questions and respond to us.

 

The email attachment is most commonly included in two formats, a compressed ZIP file and an executable program file as well:

  • Case_Complaint_091921.zip    application/zip    105138
  • Case_Complaint_091921.exe    unknown/unknown    138752

Note that the actual file name may vary as a bogus “Case_Complaint” in included, again to simply enhance the appearance of legitimacy. The hackers do an especially nice job with this particular version, as they go so far as to ensure that the “Case_Complaint” referenced in the Subject line matches that of the attached file.

Should the recipient execute the Trojan Horse, their system will become infected and compromised, at which point their personal computer will become part of the zombie spam-bot network and under the control of remote hackers.

- -

OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.

Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."

OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.

Tags: , , , , ,

Comments are closed.