SophosLabs blog

Yesterday, my colleague Graham Cluley blogged about a phish campaign claiming to be a “Microsoft Outlook Notification”. The messages contained a phish link to microsoft.com.outlook.[deleted].org:

Today, we see a redux of the campaign, this time with a malware attached to the message:

Notice how similar the two messages are. Instead of the phish link seen in yesterday’s campaign, today’s spam includes one nasty surprise in the form of a zip file named “micr__outlook_update_6556.zip”. Fortunately, the spam messages are detected by our anti-spam signatures and the zip file’s contents are detected as Mal/FakeVirPk-A. Judging from the detection name, the zip file likely includes a program associated with the Fake Antivirus packages that have been causing headaches for some time.

As readers of this blog are security conscious, you probably wouldn’t open up an unknown zip file. For less tech-savvy users of Microsoft Outlook however, this “Outlook update” could cause havoc with their system.

Posted on June 2nd, 2009 by SavioL, SophosLabs, Canada
Filed under: General

                                         

Free virus scan - Download the Threat Detection Test

Related posts

• Malicious update for Microsoft Outlook / Outlook Express (KB910721)
• Outlook reconfiguration emails carry malicious URLs
• Fake Microsoft Security Alert - KB910721
• Bogus Microsoft Security Bulletin
• Server upgrade spam redux