Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Kaspersky: Use of New QakBot Banking Trojan that Steals Emails Up 65%

    QakBot Banking TrojanRepresenting a new evolution of banking trojan, QakBot proves to be a formidable adversary against security defenses with its’ ability to steal emails – your users.

    The most effective tools a threat actor can have are context and credibility. These are the foundational elements of a really good social engineering scam. Historically, threat actors have simply used online services such as LinkedIn to identify individuals with specific roles in a target victim organization, and any public-facing detail (e.g., social media, press releases, etc.) to craft believable social engineering.

    But according to security researchers at Kaspersky, the newest version of QakBot takes the discovery portion of building a social engineering scam to a whole new level. In addition to the ability to steal keystrokes cookie, browser-based passwords, and login credentials, QakBot now has the ability to exfiltrate email content from the infected endpoint. This detail can be easily used in future attacks to establish credibility, commit fraud, and more when used against those in the initial victim’s contact list. This new ability to capture email may be the reason Kaspersky is seeing QakBot’s use is up 65% compared to last year.

    If you add a QakBot-based attack with a Business Email Compromise attack (which organizations already have as much as an 85% chance of experiencing weekly), the added degrees of context and detail potentially extracted from stolen emails could make a malwareless attack all but undetectable to its’ victim.

    This is why every user needs to undergo continual Security Awareness Training so they can be made aware of the kinds of attacks that are being experienced, what to look for, and to be so vigilant that anytime an unusual or unexpected request is made via email. Users should know to err on the side of caution, whether or not they know the sender.

     

    Return To KnowBe4 Security Blog

    Can hackers spoof an email address of your own domain?

    DSTAre you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO Fraud", penetrating your network is like taking candy from a baby.

    Now they can launch a "CEO fraud" spear phishing attack on your organization, and that type of attack is very hard to defend against, unless your users are highly ‘security awareness’ trained.

    Find out now if your domain can be spoofed. The Domain Spoof Test (DST) is a one-time free service. Run this test so you can address any mail server configuration issues that are found.

    Try To Spoof Me!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/domain-spoof-test/

    Topics: Social Engineering

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews