Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo

MALWARE: ‘Important - New Outlook Settings’ Email


Outline

Email with the subject line 'Important - New Outlook Settings' advises you to click a link to download instructions before updating settings for Microsoft. Outlook.

Outlook Malware Email
© Depositphotos.com/ Wavebreakmedia

Brief Analysis

The email is not legitimate. The link opens a compromised website that harbours malware. If you receive this email, do not click any links or open any attachments that it contains.

Example

Please carefully read the downloaded instructions before updating settings.

[Link removed]

This e-mail and / or any attachment(s) is intended solely for the above-mentioned recipient(s) and it may contain confidential or privileged information. If you have received it in error, please notify us immediately at 1 and delete the e-mail. You must not copy it, distribute it, disclose it or take any action in reliance on it.


Detailed Analysis

'Important' Email Claims Outlook Settings Must Be Updated

According to this email, which features the rather urgent sounding subject line, 'Important - New Outlook Settings', you should click a link to download instructions before you update the settings.

The email includes a typical confidentiality disclaimer, apparently in an effort to make the message seem more official.

Email is Fraudulent - Link Leads to Malware Website

However, the email is certainly not a legitimate settings update advisory. Clicking the link will take you to a compromised website that harbours malware.

Versions of the malware attack have been distributed since late 2013.  The exact malware payload may vary in different incarnations of the scam. The malware may install ransomware on your computer.  It may download further malware components that collect sensitive information such as banking login details and send them back to online criminals.

Some Versions Hide Malware in Attachments

Some variants of the message may hide the payload in an attached .zip file rather than enticing people to click a website link. But, unzipping the attachment will reveal a .exe file that, if clicked, will install the malware on your computer.

Do Not Click Links or Attachments

If you receive one of these emails, do not click any links or open any attachments that it contains. Simply delete it.




Outlook Malware Email

© Depositphotos.com/ Wavebreakmedia


Last updated: October 17, 2014
First published: October 17, 2014
By Brett M. Christensen
About Hoax-Slayer

References
Important - New Outlook Settings' spam / Outlook.zip
Important – New Outlook Settings – fake PDF malware