"It started yesterday, with more than 50 customers of ours receiving this e-mail and we've been targeted ourselves," says Mickey Boodaei, CEO of security firm Trusteer.
The e-mail-based attack is customized to fool employees in each enterprise it's sent to, with the "from" address appearing to come from within the enterprise, asking the recipient on behalf of the systems administrator to modify their e-mail settings for Outlook Webmail as a result of an upgrade.
Though the link appears to be to the enterprise Outlook Web Access site, it's actually a Web site in Chile, Columbia, Romania or Russia that's craftily trying to get the victim to download a file that's the dangerous Zeus/Zbot Trojan, says Boodaei.
The Zeus Trojan is well-known—it's part of the sweeping into mailboxes at present.