Is nothing sacred? Turns out that the latest round of phishing attacks plaguing end users looks like legitimate e-mails coming from the internal IT department.
The folks at Trusteer Research issued a bulletin yesterday advising customers that the latest versions of a Zeus/Zbot series of phishing attacks are being made to look like a request from the user's IT department to update Microsoft Web Mail settings.
Once the e-mail is opened, a Trojan injects itself into the user's browser and monitors all Web traffic as part of an effort to capture log-in credentials and passwords for the various Web sites that the user might have permissions to access. Zeus/Zbot will also invite end users to view additional Web pages as part of an attempt to gather sensitive data.
Trusteer recommends that IT organizations lock down browsers to prevent code from running in the browser and, naturally, deploy a plug-in developed by Trusteer to prevent just this sort of thing from happening. In addition, end users should be alerted not to click on links that change Microsoft Outlook settings.
This phishing attack is the latest in a series that continues to show that we need a new approach that firmly establishes the reputation of both the Web sites that deliver content and the actual files moving across our networks. We may be powerless to stop the attacks, but we can be a lot more vigilant about not falling victim to them.