Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Security experts this week identified a fresh spam campaign attempting to push the malevolent, password-stealing Zeus trojan to corporate email users.Researchers at internet security firm Trusteer said this week that they identified a new global spam run being launched against users of Microsoft Outlook Web Access webmail service. The phony emails attempt to install the trojan by tricking users into believing they have to update their webmail settings.The messages are especially well crafted and executed, according to Trusteer. To lend legitimacy, they appear to come from the organisation at which the recipients work. In addition, they contain a link appearing to belong to the targeted corporation."It looked almost genuine to me," Trusteer CTO Amit Klein told SCMagazineUS.com. "If that happens to me, who knows what happens to people who are not in the security profession?"Recipients who click on the link are brought to an authentic-looking Outlook Web Access site, where they are asked to download the new settings, which actually turn out to be the Zeus trojan, also known as Zbot. These landing pages are being hosted by servers in a number of countries, including in Europe and Latin America.Once installed on a PC, Zeus sits silently until a victim visits a financial account page, such as a bank or brokerage firm, Klein said. The trojan targets corporate users in particular because they may try to access business accounts with high balances.The malware is customised not just to steal login details, but also can conduct a "man-in-the-browser" attack to replace the bank's login page with a counterfeit version, thus allowing the culprits to make the page say anything they want, Klein said."Zeus just sits there in the browser," he said. "It does whatever it takes to extract credentials and personal information from you so its operator can log in later and take over your bank account."Anti-virus detection of Zeus remains low, he said.See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.