Fake Microsoft Outlook update contains virus for ID theft
Tuesday, June 23, 2009
Spam email purporting to be a "critical update" for Microsoft Outlook and Outlook Express contains a link to download a malicious program that can steal personal information from a user's computer, including login credentials and credit card information, Trend Micro reported Monday.
The spammers use legitimate links to Microsoft sites in the email body to make the email appear genuine, but a link appearing to direct users to a Microsoft site for the "update" actually downloads a Trojan horse called ZBot.
ZBot accesses a website to download information directing the virus to monitor certain websites and where to send stolen data, the security firm's blog said.
Web security researchers discovered that the Trojan monitors websites of banking institutions and social networking sites like Facebook and MySpace. If a user accesses any of these website, the Trojan logs keystrokes to steal the user's passwords and other sensitive information such as credit card numbers.
Recently, phishing emails have been circulating that appear to come from Microsoft and ask recipients to reconfigure their Outlook account by clicking on a link to a website where users are asked to fill in their account information, including their mail server address.
Related News:
Spam mail finding success among the young, obese - 1.8.2010
A study recently published in the Southern Medical Journal indicates that overweight and young people were much more likely than others to open spam mail touting weight loss products, with almost one in five overweight college students studied reporting that they actually purchased the products offered.
Spyware researcher says Google should drop partnership with shady advertising partner - 1.7.2010
Harvard Business School professor Ben Edelman has published a report which, he says, details a commercial relationship between search giant Google and a pay-per-click advertising firm called InfoSpace. According to Edelman, InfoSpace uses conversion-inflation traffic - posting ads for websites in ad space on those same websites - from the WhenU spyware program to boost its profit margins.
Controversy flares over ReCaptcha's effectiveness - 12.22.2009
Security researcher BitLand has said in a report that the ReCaptcha technology used by Google to secure itself against logins by bots is flawed, but Google says that it is BitLand's analysis that is defective.
Facebook sues to stop spam - 12.16.2009
Three men are being sued by social networking site Facebook, which alleges that they used phishing to gain access to the user accounts of others and used the hijacked accounts to send spam messages, according to CNET security correspondent Elinor Mills.
Chinese authorities clamping down on website registrations - 12.15.2009
The Chinese government has announced that it will begin requiring business licenses and extensive paperwork in order to register a .cn web domain name.
|
