Banking Trojans finding new vector with fake Outlook alerts
Monday, January 11, 2010
A spurious alert purporting to come from Microsoft Outlook has cropped up in recent weeks, according to a maker of email filtering software.
Researchers at Red Condor say that the bogus email directs users who follow its links to a spoofed web page that appears to be an Outlook Web Access notification, asking them to download and install a file to update their email account with new settings.
The file is actually the Zbot Trojan, and users who fall victim to the scam can easily expose their online banking information to the malware, putting them at great risk of financial loss and identity theft. This spear phishing attack is one of several to rise to prominence in recent months, along with less selective campaigns that went out as malicious spam campaigns.
Experts urge caution in opening email attachments from unknown sources, and say that any misspellings, grammatical errors, or suspicious links in an ostensibly official email is likely to mean that it is either a phishing attempt or an effort to spread malware.
Related News:
Password security a tall order for many web users - 1.22.2010
A recently released study from tech researcher Imperva showed that the most popular password among users whose accounts were compromised in the recent RockYou data breach was as follows: 123456.
Facebook fixes "wrong friends list" mobile network security glitch - 1.22.2010
CNET reports that social media network Facebook has repaired a problem in the mobile version of its service that caused some mobile users to have full access to the friends lists of unassociated users.
Automated phishing scam hits bank customers - 1.14.2010
Phishing attacks do not target victims exclusively via email, experts say, pointing to a recent rash of automated phone calls that attempted to convince victims to give up sensitive banking information.
Scammers ride aftershocks of Haiti catastrophe - 1.14.2010
The Federal Bureau of Investigation has issued a warning to those who want to contribute to earthquake relief efforts in Haiti, saying that cyber criminals and other types of scam artists are trying to take advantage of an outpouring of humanitarian support.
Better Business Bureau's top scams of 2009 include phishing attacks - 1.6.2010
In compiling the biggest scams and rip-offs of 2009, the Better Business Bureau of the U.S. and Canada listed phishing emails - some based on the H1N1 flu epidemic - as one of the top 10.
|
