Malware targets Microsoft Outlook
Users of the Microsoft Outlook email program are being warned about the rapid spread of malware specifically targeted at users of that program.
BitDefender reports the unsolicited message directs users to apply a new set of settings to their mailboxes to update several ‘security upgrades’ that have been applied. The link in the email leads towards a Web page with Microsoft Office logos and instructs users to download and launch an executable file that will supposedly update their email settings.
Instead, they receive a potent malware cocktail, including Trojan.SWF.Dropper.E, a generic detection name for a family of Trojans sharing similar behavior. They are Flash files, which usually do not display any relevant images/animations, but drop and execute various malware files (by exploiting Adobe Shockwave Flash vulnerability). The dropped files may be subject to change and different variants can drop and execute different malware programs.
Users are advised never to follow links inserted in messages from unknown contacts, in addition to installing and updating a complete anti-malware software solution.