If emails seem like a safe and mundane part of your internet experience, you haven’t been paying attention. Using email is almost second nature for many at this point, but not everyone is aware of how easy it is to hijack emails for sinister purposes.
The biggest example of how fraught our inboxes have become can be found in the phishing and fraud epidemic happening all over the world at the moment. Because so many of us are inside and online during COVID-19, hackers are using this opportunity to flood emails with malicious links and scams. Tap or click here to see where they’re all coming from.
Now, researchers have discovered dangerous malware is spreading through emails. Once it’s in your system, it scans through all the messages you’ve sent to use them against other victims. Here’s how it works and what you can do to stop it.
Double check your email
Cybersecurity researchers at Check Point Security have published a bulletin warning of a new phishing tactic that puts malware front-and-center on victim’s PCs.
The primary targets appear to be users of Microsoft Outlook, which lines up with another recent phishing scheme centered around fake system alerts. Tap or click here to see how to stop yourself from falling for that phishing attack.
The malicious emails arrive in a deceptive form that can look like a message from someone you know, or at the very least, a coherent email from someone else. But opening the message and its attachments invites a well-known Trojan called QBot into your system.
QBot, also known as Qakbot and Pinkslipbot, has multiple functions once it infects your system — and none of them are good. It not only steals passwords, banking information and browsing data like ordinary phishing malware, but it also has the ability to deploy ransomware and scan through your email threads in Microsoft Outlook.
And that last feature is part of what makes it so dangerous to the internet at large. When QBot combs through your emails, it clips the text and subject lines while rearranging them into seemingly coherent messages that it can send to new victims. The Trojan email that can infect your computer with QBot in the first place is created this way.
Deeper research revealed that QBot’s deployment is part of larger efforts by the Emotet botnet, a dangerous network of malicious systems engaged in a worldwide spam and phishing operation. If you’re infected by QBot, it’s possible your computer could become part of this digital zombie army that’s attacking other systems around the world.
How can I protect myself from QBot?
To be as safe as possible, keep a close eye on any emails coming into your inbox. If you don’t recognize the sender, delete it. Don’t take any chances. If it’s important enough (such as an email from someone you know with a new address), they can send it again.
Speaking of people you know, you can’t necessarily trust emails from what appear to be your contacts either. If there is no attachment to the message, you’re probably safe to open the message. But if the email appears to come from your contacts and includes attachments, check with them to make sure they actually sent it out of an abundance of caution.
At the same time, if you haven’t had a chance, take a moment to beef up your digital security with an antivirus suite that can protect you and clean out infections. Tap or click here to see our favorite antivirus programs.
It’s important to remember that despite the bad press and dangerous complications caused by QBot, it’s still a phishing Trojan at heart. That means if you avoid interacting with it or downloading any of its payloads, it cannot hurt you.