Websense has warned that a major attack has been detected against Microsoft's Outlook Web Access service.
The internet monitoring firm said that it is seeing around 30,000 emails a day which urge users to visit a web site and download a security update file, which in fact contains malware.
The email message reads: 'We are informing you that, because of the security upgrade of the mailing service, your mailbox settings were changed. In order to apply the new set of settings click on the following link.'
What makes the attack unusual is a high level of personalisation. The page that loads when the recipient clicks on the link is very convincing because it uses the victim's email address and domain name.
"We have seen customisation like this before, but it is not very common. As the angle is Outlook Web Access, a corporate/enterprise system, it is very likely that the targets are primarily corporations," said Websense.
"Websense Security Labs has seen a rise in banking Trojans targeting corporations because, not only do those accounts have more money in them, they can typically also do international wire transfers directly from the online banking system."
The malware makes the PC part of the Zbot botnet and allows full remote control by the botnet controller.
See also:
Majority were easy to pick, says security expert 07 Oct 2009
Loss of vital networks would quickly cripple any nation, says ITU chief 07 Oct 2009
Series of events and programmes designed to educate businesses and consumers 02 Oct 2009All Hacking Tags: Microsoft, Websense, Outlook-web-access, Threats, Malware, Trojan, Security
del.icio.us
Digg this
reddit!
