A screenshot of a fake Outlook Web Access page.
(WEB HOST INDUSTRY REVIEW) — Web security firm Websense Security Labs analysts have warned Outlook users about a series of malware attacks aimed at users of Microsoft’s Outlook Web Access.
The company found as many as 30,000 emails an hour that attempt to dupe users of the popular Web-based email software into clicking on a link to update their mailbox settings for a ‘security upgrade’.
Instead, the bogus link directs unsupecting users to a site that installs the Zbot Trojan on their computer.
Websense says the emails appear to be legitimate because they include the victim’s email address, as well as the targeted domain name and a URL address that looks as though it would lead to the user’s specific Outlook Web Access site.
In its security advisory, Websense warned that the “victim’s domain name and email address are also used in a number of locations on the malicious site to make it that much more believable”.
Malware continues to be a significant problem that pervades the Internet, with the ongoing rise in the volume of the Bredolab Trojan being sent by the Cutwail botnet.
