QBot Spews Election Themed Phishing Lures To Grab Your Users Credentials and Drop Backdoors

Be on the lookout!

Bleeping Computer reported today that the Qbot (aka Qakbot, Pinkslipbot, and Quakbot) is sending out election themed “interference” messages with DocuSign disguised malicious Excel spread sheets designed to drop backdoors, keyloggers. MalwareBytes also found:

“The mailspam is camouflaged as replies in previously stolen email threads, a tactic used to add legitimacy in the targets’ eyes.”

“This new template has been adopted to abuse the public’s concerns regarding the 2020 US elections’ outcome, and to make it easier for the threat actors to lure potential victims into opening bait documents and enabling macros used to drop malware payloads.”

Make sure your users are regularly sent simulated phishing messages and inoculated against these social engineering designed attempts to trigger curiosity and get that “irrational” and reactionary part of the brain clicking.

Hijacked email replies are a tool hackers use to give even more credibility to a phish. Stay vigilant! Have you seen any of these yet?


Featured Webinars


Advanced Phishing and
Training

Monday 1:30 PM – 2:30 PM
» Learn More
Outlook Phish Alert Button
Tuesday 1:30 PM – 2:30 PM
» Learn More
Customizing Phishing Templates, Landing Pages, & Training Notifications
Wednesday 1:30 PM – 2:30 PM
» Learn More
Active Directory Integration
(ADI) Setup

Thursday 1:30 PM – 2:30 PM
» Learn More
Gold/Platinum/Diamond
Features

Friday 1:30 PM – 2:30 PM
» Learn More

Privacy Policy | Terms of Service