Users of Gmail, Hotmail, Outlook, and other email services should be wary of a dangerous message that can wipe out their Windows PCs with a single click, according to security experts.
Dangerous Spyware
Malicious actors are using a Microsoft vulnerability that has yet to be repaired to spread the hazardous Qbot banking trojan virus, reported first by Express UK.
This dangerous software has been discovered in infected Word documents that are being sent over email, and all it takes for a victim's PC to be infected is one click on the file.
This dangerous spyware can steal personal credentials for Windows and banking services in addition to sensitive personal and financial data.
Threat actors can use the Qbot malware to install a backdoor on affected Windows devices and offer ransomware gangs remote access.
The CVE-2022-30190 vulnerability was revealed by Proofpoint researchers, who posted about it on the security company's Threat Insight Twitter account.
Proofpoint discovered #TA570 abusing CVE-2022-30190 to spread #Qbot malware, according to their tweet. Additionally, threat actors employed thread hijacked communications with HTML attachments that, when opened, drop a zip archive.
Proofpoint saw #TA570 exploiting CVE-2022-30190 to deliver #Qbot malware. Actor uses thread hijacked messages with HTML attachments which, if opened, drop a zip archive.
— Threat Insight (@threatinsight) June 7, 2022
"Archive contains an IMG with a Word doc, shortcut file, and DLL. The LNK will execute the DLL to start Qbot. The doc will load and execute an HTML file containing PowerShell abusing CVE-2022-30190 used to download and execute Qbot," the security experts explained.
How to Avoid Phishing Scams?
In order to get people into clicking and unintentionally downloading the dangerous attachments, scammers use bogus invoices, including payment and banking details, scanned documents, and bills to trick the victims into opening the harmful downloads.
One email spreading the hoax, according to Proofpoint, purportedly alerted employees of government agencies in the United States and Europe by sending messages indicating that they had earned a wage raise.
To make sure that you will never become a victim of phishing scams, it is highly suggested that you must adopt the standard best practices of staying safe in the online world.
This includes not clicking on links or attachments in unsolicited emails from addresses you aren't familiar with, or if you encounter suspicious and unauthorized messages, it is better to put them in the trash.
Furthermore, the principle of verification is also a must. If your bank or any company that you're affiliated with sends you a suspicious message, verify them first by contacting the companies or organizations behind them.
In fact, the simplest way of spotting a scam or harmful message is by taking a closer look at the email address of the sender. Hence, before opening the actual message, you must verify the address first.
This article is owned by Tech Times
Written by Joaquin Victor Tacla
