Cyber ​​criminals have a new tactic to spread dangerous malware Qbot and Emotet

Kaspersky experts have warned of a significant increase in malicious spam emails sent to the email addresses of companies from different countries. The number of these malicious emails increased from about 3,000 registered by Kaspersky Lab in February 2022, to about 30,000 in March. So far, emails written in English, French, Hungarian, Italian, Norwegian, Polish, Russian, Slovenian and Spanish have been noticed.

Cybercriminals intercept active email correspondence on business matters and send emails containing either a malicious file or a link aimed at infecting devices with a banking Trojan. Such a scheme makes it difficult to detect these messages and increases the chances that the recipient will fall for the scam.

Some emails sent by cybercriminals contain malicious attachments. In other cases, there is a link in the email that leads to a file in a legitimate popular cloud hosting service. Malware is often in an encrypted archive, and the password is specified in the text in the email. To persuade users to open an attachment or download a file by clicking on a link, attackers usually state that it contains some important information, such as a business offer.

Kaspersky experts believe that these emails are distributed as part of a coordinated campaign aimed at spreading banking Trojans.

In most cases, when the victim opens a malicious document, she picks it up and starts it Qbot malware, but some of these documents are also notorious Emotet. Both of these malware can steal user data, collect data on an infected corporate network, spread further across the network, and install ransomware or other Trojans on networked devices. Qbot can also access and steal email.

To protect against Qbot and Emote attacks, as well as any other malware that spreads via e-mail, Kaspersky experts recommend installing a reliable security solution at the level of the network gateway, which will automatically filter out spam and malicious messages before that end users will even have a chance to make a mistake. Basic cybersecurity training can teach them to spot the behavior of cybercriminals: for example, to know that a password in the same email with an encrypted archive can serve only one purpose – to defraud antimalware technology. It is also recommended to conduct simulated attacks so that employees can learn to distinguish between phishing and malicious emails from the original ones. Finally, Kaspersky experts recommend using a security solution on every device connected to the Internet, because if one of the employees is deceived, it can prevent the opening of a file or a malicious link.

Source: by

*The article has been translated based on the content of by If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!