The phishing emails include the recipient s actual email address and appear to be an update to the OWA application. The messages are designed to look as if they come from a company’s IT department and instruct the recipient to visit a Web site to update the settings on his OWA account. The emails have been making the rounds this week and have hit a number of organizations. OWA is used widely in enterprises that rely on Microsoft’s Outlook email system. Messages are using subject lines and text that look very enticing for users.
Source: https://threatpost.com/zeus-trojan-part-new-outlook-web-access-phishing-scam-101509/72328/