Security researchers have uncovered a new set of targeted phishing attacks on users of the Microsoft Hotmail and Yahoo Mail services.
Trend Micro is reporting a set of targeted attacks which the company believes are part of a larger campaign to compromise systems and access user data.
The security firm said that the attacks include malicious file attachments, as well as attempts to exploit flaws in the webmail services to harvest user credentials.
Trend Micro senior threat researcher Nart Villeneuve told V3.co.uk that the attackers attempted to exploit cross-site scripting (CSS) flaws in both platforms, as well as use specially crafted Word documents containing malware. In the case of Yahoo Mail, however, things did not go quite as planned.
"They were trying to exploit a CSS vulnerability in Yahoo Mail to steal the cookies, so they could have access to that session, but their code didn't actually work," he explained.
Trend's report comes just days after Google reported a series of attacks on its Gmail service, which targeted the accounts of government officials and political activist groups.
Villeneuve said that, while there was a similarity in the attacks, the company could not find evidence directly linking the Hotmail and Yahoo Mail operations to the Gmail incident.
In a statement provided to V3.co.uk, Microsoft safety services general manager John Scarrow said that the company did not find any evidence that Hotmail was being targeted by the operation.
"Microsoft is not aware of any Hotmail customers being targeted by the specific phishing attacks that occurred earlier this week," he said. "However, phishing attacks and other forms of abuse are a persistent industry challenge."
At the time of publication, Yahoo had yet to respond to a request for comment on the report.
To help prevent users from falling victim to targeted attacks, Villeneuve suggested keeping a careful eye on emails which claim to be from colleagues. He noted that clues such as grammatical errors and unusual data requests will often give away a phishing attempt.
"Once users are aware that these attacks do happen they can look for things that don't exactly make sense," he said.
"Little tricks like that can help users initially decide to treat an email with a little bit of suspicion."
US space agency believes the crater could have preserved ancient organic molecules from the water that flowed there billions of years ago
Valve quietly closes down hardware initiatives launched following Windows 8
Scientists create a virtual reality simulation of a black hole sitting at the centre of the Milky Way
Simulations like this can help people understand complicated systems in the universe in a better way
The most luminous galaxy ever discovered is cannibalising at least three of its smaller neighbours, study finds
The galaxy radiates at 350 trillion times the luminosity of the Sun