Phishers Extend Attacks on Microsoft Outlook

Security firm Sophos has noted that a latest phishing attack targeted at the Outlook users has transformed its character from attempting to capture users' login details to seeking to infect their PCs via bogus anti-virus solutions.

According to reports, the phishing scam commenced on June 1, 2009, when cybercriminals began circulating scam e-mails, which purported to be coming from Microsoft's support team.

The scam message informed the user that he is having a new e-mail from the Microsoft Outlook. However, the e-mail said that he should re-configure the settings of the Outlook in order to read the message. The e-mail contained a link of a phishing web page, which tricks user into giving away his login credentials to the remote criminals.

By gaining access to the users' Outlook accounts, phishers used them in circulating spam e-mails to other people.

Graham Cluley, Senior Technology Consultant at Sophos, said that the phishing attack interestingly changed its characteristics in just 24 hours of its launch, as reported by SCMagazine on June 3, 2009.

He further added that the phishing website underwent overnight transformation and the result is that instead of containing a phishing web link, the latest versions of the spam e-mail contain some malicious attachment. The malicious file attached is reportedly a fraudulent anti-virus solution, which tries to trick user into purchasing it.

Apart from Sophos, some other security firms have also detected such attacks. MX Logic Threat Operations Center informed that the aforementioned malicious file is "micr__outlook_update_6556.zip". Security experts stated that yet no variants of this name have been detected.

Moreover, Sophos told that it is having no clue about the criminals behind the scam; though one thigh is clear, that it's another instance of the modification of attack.

Importantly, the phishing domain used in the Outlook phishing scam had been used recently (final week of May 2009) in a phishing campaign targeted at the Commonwealth Bank of Australia.

Suggesting the ways to remain protected, Cluley stated that the best way is to become a little bit more suspicious about the e-mails received, and not over trusting them. Also, user should think carefully before clicking any attachment or link.

Related article: Phishers Expand Their Sphere of Attacks

» SPAMfighter News - 6/5/2009