Websense has warned that a major attack has been detected against Microsoft's Outlook Web Access service.
The internet monitoring firm said that it is seeing around 30,000 emails a day which urge users to visit a web site and download a security update file, which in fact contains malware.
The email message reads: 'We are informing you that, because of the security upgrade of the mailing service, your mailbox settings were changed. In order to apply the new set of settings click on the following link.'
What makes the attack unusual is a high level of personalisation. The page that loads when the recipient clicks on the link is very convincing because it uses the victim's email address and domain name.
"We have seen customisation like this before, but it is not very common. As the angle is Outlook Web Access, a corporate/enterprise system, it is very likely that the targets are primarily corporations," said Websense.
"Websense Security Labs has seen a rise in banking Trojans targeting corporations because, not only do those accounts have more money in them, they can typically also do international wire transfers directly from the online banking system."
The malware makes the PC part of the Zbot botnet and allows full remote control by the botnet controller.
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff