Email Scam: Better Business Bureau Complaint Alert

Home PC Patrol Better Business Bureau Accredited Business

Recently Home PC Patrol received an email alleging we were the target of a complaint filed through the Better Business Bureau. We easily recognized the email was a scam as Home PC Patrol is an Accredited Business with the Better Business Bureau with an "A" rating with absolutely no complaints. That being said, there were certain aspects of the email that might make it tough for some businesses to dismiss.

The first thing most people look at when they receive a suspect email is the sender's information. In our case, the address that the email was supposedly sent from was service@bbb.org with a return path of alert@bbb.org; however, the sending address was spoofed, making this scam mail slightly more sophisticated than your average run-of-the-mill scam mail.

The email featured the subject line: Better Business Bureau Case #87954960

and the body of the email read as follows:

Attn: Owner/Manager

The Better Business Bureau has been sent the above-referenced complaint from one of your clients concerning their dealings with you.
The detailed information about the consumer's concern is included in attached document. Please review this matter and notify us of your position.
Please click here to respond this complaint.

We look forward to your urgent response.

Faithfully yours,
Anita Emil
Better Business Bureau


Council of Better Business Bureaus
4200 Wilson Blvd, Suite 800
Arlington, VA 22203-1838
Phone: 1 (703) 276.0100
Fax: 1 (703) 525.8277

The email contained a self-extracting zip archive that contained a Trojan downloader, some generic files, and a Trojan Vundo variant. Since it was packaged as a self-extracting zip file, clicking on this attachment in any way would install the files to their target locations on your PC.

It also contained a "click here" link that linked to spmartinelli.com, a largely inactive site owned by Stephen Martinelli and hosted by GoDaddy. Scammers with the technical know-how to spoof an address without leaving any trace of the originating address rarely operate within the confines of the continental US or incorporate websites easily traced back to them. That and the fact that the path to the page in question is composed of gibberish characters leads me to believe that Stephen's site was hacked. Scammers routinely inject their malicious scripts on relatively unattended sites such as his because they are easy targets and hard to trace back to the original scammer.

The Better Business Bureau has acknowledged the ongoing mail scam, stating the following:

The scam that fraudulently uses Better Business Bureau's name will not die. Reports indicate that businesses are, once again, receiving emails from impostors claiming to represent BBB. Senders state that complaints have been filed and that recipients must click on enclosed links or provide other personal information to address the complaints.

This is a scam. The enclosed links may contain viruses and malware that could damage computers and place identities at risk.

  • Scan BBB emails for typos; obvious grammatical errors are an indication that emails are counterfeit.
  • Check the senders' email addresses; complaint notices are generated by local BBBs and not from the Council of Better Business Bureaus - or CBBB.
  • Hover the mouse cursor over enclosed links; beware if Web addresses do not reflect bbb.org.

You can read their article in its entirety on their site.
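The three checks discussed above (sender authenticity, link targets, and the attachment type) can be automated during mail triage. The following Python is an added example, not code from Home PC Patrol or the BBB; the sample message, its link host, attachment name and `Authentication-Results` value are constructed, and it assumes that header was written by your own receiving mail server rather than by the sender.

```python
import email
import re
from email import policy
from email.message import EmailMessage
from urllib.parse import urlparse

def build_sample(auth="mx.recipient.example; spf=fail; dmarc=fail header.from=bbb.org",
                 href="http://compromised-site.example/placeholder-path",
                 attachment=b"MZ\x90\x00" + b"PK\x03\x04"):
    """Constructed message modeled on the one quoted above (all values are samples)."""
    m = EmailMessage()
    m["From"] = "service@bbb.org"
    m["Return-Path"] = "<alert@bbb.org>"
    m["Authentication-Results"] = auth
    m["Subject"] = "Better Business Bureau Case #87954960"
    m.set_content("Please click here to respond to this complaint.")
    m.add_alternative(f'<a href="{href}">click here</a>', subtype="html")
    if attachment:
        m.add_attachment(attachment, maintype="application",
                         subtype="octet-stream", filename="case_details.exe")
    # Serialize and re-parse so triage sees the message as it arrives on the wire.
    return email.message_from_bytes(m.as_bytes(), policy=policy.default)

def on_domain(host, domain):
    # Exact match or a true subdomain; "bbb.org.evil.example" must not pass.
    return host == domain or host.endswith("." + domain)

def triage(msg, trusted="bbb.org"):
    findings = []
    # From and Return-Path are sender-supplied, so showing bbb.org proves nothing.
    # Assumption: Authentication-Results was added by your own receiving server.
    if "dmarc=pass" not in str(msg.get("Authentication-Results", "")):
        findings.append("sender-not-authenticated")
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            # The automated form of hovering over each link.
            for href in re.findall(r'href=["\']([^"\']+)', part.get_content(), re.I):
                url = urlparse(href)
                if url.scheme in ("http", "https") and not on_domain(url.hostname or "", trusted):
                    findings.append(f"link-off-domain:{url.hostname}")
        elif part.get_filename():
            data = part.get_payload(decode=True) or b""
            # A self-extracting archive is a Windows executable: "MZ" magic bytes.
            if data[:2] == b"MZ":
                findings.append(f"executable-attachment:{part.get_filename()}")
    return findings

if __name__ == "__main__":
    print("\n".join(triage(build_sample())))
```

The attachment check reads the file's first bytes instead of trusting its name, so an executable renamed to look like a document is still flagged.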

This email scam targets large numbers of email addresses harvested from websites, mailing lists, and hacked email account address books; while most effective on business owners, it does occasionally end up in the inboxes of individuals. The mailing is simply sent in bulk to as many addresses as possible, regardless of BBB affiliation (or lack thereof), in the hopes that some of the recipients open the attachment or click the embedded links. Those who do end up with malware on their systems, and many of the linked site pages attempt to collect as much personal and business information as possible, opening the door to identity theft.

If you receive an email similar to this, take a breath, you probably haven't had a complaint filed against your business; simply delete it immediately. Do not open any attachments. Do not click any links.

If you just can't shake the temptation to see if someone really has filed a complaint against your company, simply go to the Better Business Bureau's website directly, enter your zip code to bring up the BBB specific to your location, click on the "Check Out a Business or Charity" link in the upper right-hand corner in the "BBB for consumers" section, and then type your business name in the search box that comes up. This will bring up the overview for your business if the BBB has any record of it. Next to the Overview tab you will see the "Complaints" tab. Click on this tab and you will see any complaints filed with the Better Business Bureau regarding your business.

If you'd like to help put a stop to these emails, you can report any suspicious emails claiming to be from the Better Business Bureau here or forward them to phishing@council.bbb.org.

If you are reading this after clicking on a link or attachment in one of these emails and your computer is behaving erratically, don't worry, Home PC Patrol can help you out and clean out the malware, and get you back up and running... faster and more secure than ever!