“Qbot Malware Threat: How to Protect Your Business from Malicious Email Campaigns”

Jakarta – Cybersecurity company Kaspersky reminded corporate employees to be aware of the increasing threat of the Qbot malware. This one malware spreads through malicious spam email campaigns.

Kaspersky researchers noted that since April 4, 2023, more than 5,000 spam campaign emails containing PDF attachments have been received in various countries, such as the UK, Germany, Italy and France.

Then, the Malware is distributed through the genuine working correspondence of the potential victims, which have been stolen by cybercriminals.

They forward emails to all existing participants and usually ask them to open malicious PDF attachments in various situations.

For example, an attacker could ask to share all the documentation associated with an attachment or calculate the contract amount according to the estimated costs contained in the attachment.

“We recommend that companies remain vigilant because the Qbot malware is extremely dangerous, even though its core functionality has not changed over the past two years,” said Kaspersky Malware Analyst Darya Ivanova, quoted, Wednesday (26/4/2023).

Qbot is a well-known banking Trojan that functions as part of a botnet network. This malware is capable of stealing data such as passwords and work correspondence.

This Trojan allows attackers to take control of infected systems and install ransomware, or other Trojans on other devices in the network.

It is this, says Ivanova, that can increase the likelihood that an employee will fall victim to the tactic.

“To stay on the safe side, carefully check for red flags, such as misspelled sender email addresses, suspicious attachments, grammatical errors, and so on,” he explains.

In addition, a dedicated cybersecurity solution can help ensure corporate email security protection.

Therefore, to protect your organization from such threats, Kaspersky Experts recommend the following:

• Check the return address. Most spam comes from e-mail addresses that don’t make sense or appear to be bullshit. By hovering over the sender’s name, which may be spelled oddly, you can see the full email address. If you’re not sure whether the email address is valid or not, try entering it in a search engine to check.
• Be alert to messages that invoke a sense of urgency. Spammers often try to exert pressure by creating a sense of urgency. For example, the subject line might contain words like “urgent” or “immediate action required” – to pressure you to act.
• Provide training to staff on basic cybersecurity hygiene, as well as simulate phishing attacks to ensure that they know how to distinguish phishing emails from real ones.
• Use endpoint protection solutions and email servers with anti-phishing capabilities, such as Kaspersky Endpoint Security for Business, to reduce the possibility of infection via phishing
• Install a reliable security solution such as Kaspersky Secure Mail Gateway, which automatically filters spam messages.