Last night, I got this targeted Better Business Bureau spam:


It’s targeted, like a similar one we saw in the past.

However, the previous version came with an attached RTF document that used an embedded OLE, so you actually had to jump through some hoops to get infected.

This one is different. It points you to a website called “document-repository(dot)com”, which pushes you into downloading a file, Complaint_Details_363619942.doc2.exe.



The file, of course, is a trojan (Sunbelt Sandbox report here). Submitting the file to VirusTotal shows mediocre detection.

Alex Eckelberry