Phishing email targets Microsoft POP3 user data

Symantec has observed a new fraud attack targeting Microsoft POP3 users. The email claims that recipients have a POP3 setting problem and need to click on the URL in the email to confirm the account data. Headers from the scam email were:

From: “Microsoft” Subject: Message from Microsoft or Subject: Microsoft Outlook Verification #

The email shows a warning but the URL in the message does not lead the recipient to the Microsoft web site, but rather to a hacked web site.

The phishing page requests personal data from the end user. While this phishing example may be easily identified as a scam, the recipient of this message could provide their personal information. The information would then be used maliciously by the spammer.

Source: Symantec’s “The State of Spam Monthly Report” – August 2008