Malicious Attacks Claiming to be an Update for OWA
Thank you to Don Smith, STAR Financial Bank’s Information Security Officer, for passing the following information on to us. In turn, I am posting it to our Portal so that you may benefit from the warning.
We have been informed by WebSense (and by some of our customers) that there is a new wave of malicious attacks claiming to be an update for Microsoft Outlook Web Access (OWA). Victims receive an e-mail message leading to a site to apply mailbox settings which were supposedly changed due to a “security upgrade”.
The especially dangerous thing about these messages is that they are very deceiving. The messages and attack pages are personalized for the To: email address to imply the message is being sent from tech support of the domain. The URL in the email looks like it leads to the company’s own OWA system. WebSense has seen upwards of 30,000 of these messages per hour and they have very low anti-virus detection.
Customers signing into these fraudulent e-mails are then being locked out of their e-mail accounts because the criminal element changed the password. The criminal element then sends e-mails to everyone in the customer’s inbox stating they have been in an accident in London (or somewhere else) and they need $1,500 to get home. The e-mail then provides Western Union instructions to wire the money.
If you or a customer receives an e-mail of this nature, delete it immediately.