Especially from techies
Insecurity outfit Red Condor has been intercepting an
email phishing campaign spreading faked Microsoft Outlook alerts.
The faked Outlook updates are fast becoming a popular way
to implant banking Trojans are then used to access online accounts. The intended victim receives a personalised email message
that appears to come from a techie using a return email address from the same
domain as the target.
However the numbers which are being sent over the world
wide wibble are making it look like the bad guys after playing a
numbers game. The software is quite good at customises each message to
improve the odds of fooling the recipient. Red Condor researcher Brien
Voorhees said that the attack
has hit thousands of Red Condor's customer domains. Red Condor has
blocked well over a million of these
messages, an indicator of a massive spam campaign, originating from a
botnet under control of the attackers.
This latest Outlook attack is similar to a phishing
attack that took shape over the course of 2009. Earlier attacks used
referencing UPS shipping documents, IRS notices, Vonage account updates, H1N1
alerts and Facebook account updates to get recipients to click on a tainted Web