BBB assistance malware attack strikes again

BBB malware attack spammed outOnce again, cybercriminals have spammed out emails claiming to come from the Better Business Bureau (BBB), with the intention of infecting Windows computers with malware.

SophosLabs has intercepted a widespread malware attack that is being spammed out as an attachment to an email claiming to come from the BBB.

The emails vary in their wording, but all claim that a consumer has complained about the company receiving the email. The details of the complaint, naturally, are contained inside the attached “BBB” file (which, of course, contains malware).

It should go without saying that the emails do not really come from the Better Business Bureau. The criminals behind the campaign are simply adopting the disguise of the BBB in the hope that you will take the message seriously and open the attached file.

Sign up to our free newsletter.
Security news, advice, and tips.

Here’s just a small selection of the emails SophosLabs experts have blocked, which demonstrate how the wording can morph:

Animation of different malicious emails

Here’s the typical sort of wording we are seeing in the dangerous emails:

Dear Sirs,

The Better Business Bureau has got the above mentioned complaint from one of your clients regarding their business relations with you.
The details of the consumer's concern are presented in enclosed document.
Please review this issue and let us know about your point of view.
Please open the ATTACHED REPORT to respond this complaint.

We look forward to your urgent attention to this matter.

Sincerely yours,


Dispute Counselor
Better Business Bureau

Sophos products detect the malware attack as Mal/BredoZp-B and Troj/Zbot-BUS.

Of course, this is far from the first time that the Better Business Bureau’s name has been used by cybercriminals to spread malware – and, sadly, it’s unlikely to be the last.

Be on your guard folks.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.