Fortinet researchers just identified a new Bazar variant delivered by phishing emails with a Get Bonus lure. I just had a chance to look at one. The email I looked at uses a sharepointonline.com from address. The body of the email shows a logo of Excel Bonus- Feb21.xlsx. Hovering over the link reveals a google docs file. That’s the lure which tries to get you to download the malware which installs a “backdoor.” However, there are variations of this some using a PDF logo. Here’s a look at the email I examined and a link to ZDNET’s deeper dive.