Faked Outlook updates in recent weeks have emerged as a popular vehicle to implant banking Trojans -- which bad guys use to access your online account to make fraudulent transfers.
They work because the intended victim receives a personalized email message that appears to come from a techie using a return email address from the same domain as the target.
The version Red Condor began intercepting on Thursday is unique as to the frequency with which it is being blasted out across the Internet -- and the efficiency with which it automatically customizes each message to improve the odds of fooling the recipient. The end game: trick the target into clicking on a link that will implant the banking Trojan.
"The attack has hit thousands of Red Condor's customer domains," says Red Condor researcher Brien Voorhees. "There doesn't appear to be any discrimination. My personal domain was targeted and it looks like most of our other employees' personal domains were hit as well."
News 8 months ago
