Received an update for MS Outlook and Outlook Express today and after checking, found it's a virus. It looks like it was sent from Microsoft but knowing they haven't updated either of these programs for a long time set off my BS meter. Fake Microsoft Outlook update contains virus for ID theft Tuesday, June 23, 2009 Spam email purporting to be a "critical update" for Microsoft Outlook and Outlook Express contains a link to download a malicious program that can steal personal information from a user's computer, including login credentials and credit card information, Trend Micro reported Monday. The spammers use legitimate links to Microsoft sites in the email body to make the email appear genuine, but a link appearing to direct users to a Microsoft site for the "update" actually downloads a Trojan horse called ZBot. ZBot accesses a website to download information directing the virus to monitor certain websites and where to send stolen data, the security firm's blog said. Web security researchers discovered that the Trojan monitors websites of banking institutions and social networking sites like Facebook and MySpace. If a user accesses any of these website, the Trojan logs keystrokes to steal the user's passwords and other sensitive information such as credit card numbers. Recently, phishing emails have been circulating that appear to come from Microsoft and ask recipients to reconfigure their Outlook account by clicking on a link to a website where users are asked to fill in their account information, including their mail server address.