Spam
Attackers have commonly use HTML attachments for phishing due to its capability of designing a webpage. They would need a webpage in order to mimic login pages of well-known companies, which in turn will trick the user to input their credentials thinking that they are in a legitimate website.
Read moreEver since Microsoft disabled running macros from Officefiles downloaded from the internet or email attachments, threat actors havebeen compelled to find new ways to spread malware. Such as malware, ICEDID and QAKBOT, were both observed being delivered via malicious PDF attachmentsin spam emails.
Read moreRecently, we observed spam emails thattargeted users in Latin America. The emails, which were written in Spanish, informedvictims about an outstanding balance or a pending payment.
Read moreWe continuously witness the evolution of QAKBOT, a sophisticated data stealer malware, come up with old and new techniques to bypass email security filters. We dive deep on this in the article 'Qakbot loader Returns With New Techniques And Tools'.
Read moreAfter months of hiatus, the notorious malware EMOTET has resumed its spam operations with a mixture of old and new techniques. Discovered in 2014, EMOTET began as a banking trojan that steals victims' credentials and information.
Read moreEarly in 2023, there started a rise of malware campaigns that used and abused Microsoft's Note-taking Application, OneNote. One of the malware families that took advantage of this time is QAKBOT, a banking trojan that is known for being a conduit for delivering other payload into a victim's device.
Read moreA new malspam campaign has been discovered delivering Aurora Stealer through inquiries targeting Hotel Companies. Aurora Stealer is an information-stealer with remote access capabilities.
Read moreWe observed a spam campaign that has been using Microsoft-related templates such as Office 365 and SharePoint notifications to spread new malware since September 2021. Along with usual lures like COVID-19, these spam emails trick users to open malicious HTML attachments or click malicious links, both of redirects unwitting users to download a malicious XLS file.
Read moreAs the pandemic continues to rage across the world, supermarkets adapted to create their own online delivery platforms to meet their customers' needs. One particular service is the Instacart, a US-based grocery company that operates a delivery and pick up service.
Read moreScammers are targeting video conference apps users as they try to lure victims into their schemes. In this particular spam campaign, scammers are sending messages purportedly alerting recipients on a zero-day vulnerability on the video conferencing app Zoom.
Read more