Malware Scam on Microsoft Outlook Web Access

If you use Microsoft Outlook please read this post.

Security experts are warning Microsoft Outlook users of a serious email attack. The smoof emails attempt to trick users into believing they have to update their webmail settings.

I received one of these malicious messages today, which is made to appear that is coming from one of my domains.

The message informs me that because of the security upgrade of the mailing service my settings were changed. It instructs me to click on a link in order to apply the new settings.

According to reports if I have clicked on the link I would have been brought to an ‘authentic-looking Outlook Web Access site’, where I’d be ask to download the new settings, which actually is the Zeus Trojan. (Thankfully I didn’t click on the link.)

Once installed on my computer, Zeus would sit until I logged into   my bank account or Paypal. It would then steal my login information.

Here is a screen shot of the malicious message that I received:

Click on image for full size viewing.

Email reads:

We are informing you that because of the security upgrade of the mailing service your mailbox “(me email here)” settings were changed. In order to apply the new set of settings click on the following link.

Best regards, (my domain name) Technical Support.

( It wasn’t hard to tell this was a scam. I don’t have a technical support team. My technical support team is my husband.)

In case you are interested in reading more about this please see:  Outlook Web Access Social Engineering Malware Scam and Trusteer Warns Against Dangerous Zeus Attack