The Tech Herald

Outlook Web Access targeted in recent email scam

by Steve Ragan - Oct 15 2009, 17:00

Outlook Web Access targeted in recent email scam.

There is a new wave of email-based attacks centering on OWA (Outlook Web Access) accounts, which are taking on a personal appearance. Security vendor Websense says they have seen upwards of 30,000 of these emails per hour.

The attacks start with an email that uses personalized TO: fields to imply the message is being sent from tech support. Victims in the attacks are asked to download a file that contains setting changes thanks to a recent security upgrade.

According to the scam, the emails start with, “We are informing you that because of the security upgrade of the mailing service your mailbox [redacted] settings were changed. In order to apply the new set of settings click on the following link:”

The emails will use the victim’s email domain as part of the link to the malicious site hosting the “settings updates.” In addition, the actual email domain is used consistently within the email message and the fake update site. Websense says that they have seen such customizations before, but they are uncommon.

Earlier this week, ISC handlers Mark Hofman and David Goldsmith describe attacks that mirror those seen by Websense, including a twist on the email message.

According to the ISC reports, earlier messages reported that, “On October 16, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour. The changes will concern security, reliability and performance of mail service and the system as a whole. For compatibility of your browsers and mail clients with upgraded server software you should run SSl certificates update procedure…All you have to do is just to click the link provided, to save the patch file and then to run it from your computer location.”

In both the example from ISC and Websense, the Malware is a variant of the Zbot Trojan, but detection levels are still low.

To read the ISC reports, head here and here. The Websense report is here.

 

 

Around the Web

Comment on this Story

comments powered by Disqus
Security
Index
News
 
Features
Reviews

From Autosaur.com

World’s first flat-pack truck the OX could help Africa

A flat-pack truck which can be put together by anyone in just half a day has been invented to help people living in remote places in Africa and other parts of the developing world. The OX is shipped in pieces but can be assembled with just three people in 11.5hours — and they need no [...]

The post World’s first flat-pack truck the OX could help Africa appeared first on Autosaur.

Nissan 370Z Nismo to rock the Gumball 3000 rally

The Nissan 370Z Nismo will be one of the cars in the 2013 Gumball 3000 rally where  â€” as the guys from TV show Jackass put it — “filthy stinking rich” people drive super-expensive cars 3,000 miles through 13 countries across Europe. The car, above, will be driven by a team from publishing and production [...]

The post Nissan 370Z Nismo to rock the Gumball 3000 rally appeared first on Autosaur.

#MyTurnToJag and Playboy: How Jaguar targets men

Jaguar has launched a new Twitter campaign called #MyTurnToJag to advertise its new F-Type â€” as well as teaming up with men’s magazine PLAYBOY. The #MyTurnToJag competition gives members of the public the chance to drive one of their new sports cars. And it comes after the firm helped announce Raquel Pomplun, left, as Playboy’s Playmate of [...]

The post #MyTurnToJag and Playboy: How Jaguar targets men appeared first on Autosaur.