Scammers using Fake Outlook Alerts for Bank Fraud

Dennis Faas's picture

Red Condor, a well-known email filtering company, is warning computer users everywhere about an email phishing campaign that spreads false Microsoft Outlook alerts. Those responsible for the malicious campaign are using the alerts to implant banking Trojans on PCs, leaving the door wide open for fraudulent money transfers.

Over 1 Million Emails Intercepted by Noon

One of the biggest concerns is the alarming rate at which these alerts are being sent out; in fact, Red Condor had blocked over a million of these messages by noon just this past Friday. Researchers are almost certain that the massive spam campaign was launched from a large botnet under the attackers' control.

PC Infection Rates Soar by Duped Users

The Outlook messages are truly dangerous because they are automatically customized to improve the odds of fooling the email recipient.

In most cases, the intended victim receives a personalized email message that appears to come from a technical support representative using a return address from the same domain as the target. The goal is to get as many innocent users as possible to follow the malicious links, which infect the user's PC and translate into a huge payday for the cybercriminal.

According to Red Condor researcher Brien Voorhees, "The attack has hit thousands of customer domains. There doesn't appear to be any discrimination [when selecting a victim]. My personal domain was targeted and it looks like most of our other employees' personal domains were hit as well."

2009 Phishing Campaign Reincarnated?

Analysts believe that the attack was a reincarnation of a distinctive type of phishing campaign that slowly built itself up in 2009. However, previous attacks were not always in the form of Outlook alerts. Those attacks used references to UPS shipping documents, IRS notices, Vonage account updates, H1N1 alerts and Facebook account updates to get recipients to click on a corrupt link.

However, unlike this recent attack, which serves to cash in on unsuspecting users, earlier campaigns were intended to turn an infected machine into part of a zombie botnet under the control of the hacker.

While the extent of these kinds of malicious attacks in 2010 can only be speculated upon, Red Condor is at least doing its part in warning users to use caution when opening peculiar messages from unknown sources.
