3.30.22

Fake Emails Appearing To Be From You Scam!

Cybercriminals are using a new Malware called QakBot that allows them to send phishing emails to your users from your email account.

Phishing emails come in many forms and impersonate many senders but have you seen an email impersonating yourself? In the latest scam, cybercriminals use your email address to send phishing links to other users.

Cybercriminals are using the newest version of Malware called QakBot. The way use this software is by sending you a phishing email with phishing links. Once you click on the link, QakBot is automatically installed on your computer. QakBot is malware that can record keystrokes, steal login information and gain access to your email accounts. Once it is installed on your computer, the bad guys can send out phishing emails to your entire address book.

This scam in particular uses your reply all button and email threads. Since you have already built a trust with the person or people you are emailing QakBot is attracted to that and will try and trick them with a phishing email coming from you. Using the “reply all” button will allow QakBot to send out a phishing email to the users you have already interacted with. People are more likely to open these emails because they appear to be coming from you and already trust you.

 

Tips:

  • Be cautious of emails that only have a short message and a link. Always reach out to the sender if you think the link is unsafe.
  • Cybercriminals love to make you feel a sense of urgency in emails and messages. They rely on your impulse actions. Remember to think before you click!
  • Never download an attachment or click on a link from an email you weren’t expecting. Keep this tip in mind when you receive links or attachments from people you know too. Reach out to the person you know before clicking or opening anything!

Learn more tips like this and train your employees with our Security Awareness Training Program.