Be on the lookout!
Bleeping Computer reported today that Qbot (aka Qakbot, Pinkslipbot, and Quakbot) is sending out election-themed “interference” messages with DocuSign-disguised malicious Excel spreadsheets designed to drop backdoors and keyloggers. Malwarebytes also found:
“The mailspam is camouflaged as replies in previously stolen email threads, a tactic used to add legitimacy in the targets’ eyes.”
“This new template has been adopted to abuse the public’s concerns regarding the 2020 US elections’ outcome, and to make it easier for the threat actors to lure potential victims into opening bait documents and enabling macros used to drop malware payloads.”
Make sure your users are regularly sent simulated phishing messages and inoculated against these social engineering attempts, which are designed to trigger curiosity and get that “irrational” and reactionary part of the brain clicking.
Hijacked email replies are a tool hackers use to give even more credibility to a phish. Stay vigilant! Have you seen any of these yet?