BBB, Airline and Wire Transaction Spam Used to Advertise Malware-Laden Site
A Russian malware-infested website - mskoblastionline.ru – is advertised these days with the aid of a massive spam campaign.
The spammy messages that carry links to the website rely on topics such as wire transfers, airline reservations, and notifications from the Better Business Bureau (BBB), according to Dynamoo’s Blog.
Here’s an example of a new BBB scam that's involved in this operation:
Good afternoon,
Here with the Better Business Bureau would like to inform you that we have received a complaint (ID 1630630165) from a customer of yours in regard to their dealership with you.
Please open the COMPLAINT REPORT attached to this email (open with Internet Explorer/Mozilla Firefox) to view the details on this issue and suggest us about your position as soon as possible.
We hope to hear from you shortly.
Regards,
KARRI PENA
Dispute Counselor
Better Business Bureau
In other versions of the BBB scam the complaint ID and the name of the "dispute counselor" may be different.
The wire transaction emails and the ones that purport to represent a flight reservation are pretty much standard.
Once they’re taken to the site, victims are served all sorts of malicious elements via the security holes that may be present in the operating system and other popular pieces of software.
Since antivirus vendors are doing a great job blocking the domain owned by cybercriminals, we will take this opportunity to remind everyone to keep their antivirus software updated and working at full capacity at all times.
Security products usually retrieve the new definitions automatically, so the task isn’t very difficult. However, it’s good to keep an eye on them since you never know when an unexpected error blocks the update process, or an advanced piece of malware blocks it all together (this rarely happens, but you never know).