There's a new phishing scam out targeting corporate and uni email addresses. Here's a sample: Dear user of the XXX.com mailing service! We are informing you that because of the security upgrade of the mailing service your mailbox (jon.jensen@XXX.com) settings were changed. In order to apply the new set of settings click on the following link: {Link removed from here.} Best regards, XXX.com Technical Support. The link, if clicked, looks legit, but it prompts you to download some files, these look to be a variant of Zbot. Also, the redirect of the link varies wildly from each reported instance. Check out some of the links found doing a GIS: We are informing you that because of the security upgrade of the mailing service your mailbox - Google Search Be safe, Bonez
Thanks for the info Bonez. Hopefully someone will see this if they get the same message, and they will be aware of what is going on.
That's the entire point, and thank you. Both of our domains have been targeted, fortunately we're an IT company so most people know not to click on things here, and one of the domains is being phased out so there aren't as many people using it as there @company.com email address anymore. What's scary is how fast this has spread. First reports of it I can find are less than 2 days old.
It really is amazing how quickly things spread. I remeber reading about a scam such as this one that Microsoft discovered and withing about a day, it had spread by an astronomical amount.
I will be on the lookout for it on my Uni email address, nothing so far. Cheers for the heads up, moved the post to the front page.
I'm afraid that if the people from my old school got this in their mailbox, they'd click the link without first contacting anyone from the IT department..