What’s Behind the BBB Phishing Emails?

We’ve identified two different Better Business Bureau phishing scams circulating over the past few months. One has an attachment which downloads a bunch of other stuff, including the Bandok trojan. The other one links to a website that tries to entice you to download and run an executable – this one is a BHO which sends all of your posts to any site to the phisher’s repository. Not just bank or Paypal or ebay logins – all interactive data sent to every site you visit. Couple this with the fact that the emails are being targeted only at senior management at companies and you have a potentially very damaging scheme.

And it works – we were able to locate one cache of stolen data. In it were over 1000 individuals, almost all were senior management from companies all over, large and small, at VP level and above (yes, even a few CEOs), along with a record of every website they’ve visited, and every field from every form they’ve posted (regardless of SSL encryption).

Read the whole writeup here: http://www.secureworks.com/research/threats/bbbphish

Share