Delivery of Malware: A Look at Phishing Campaigns in Q3 2022

Alan Dickson

Entering the second half of 2022, phishing attacks and campaigns continue to be the top threats targeting organizations, using a variety of techniques to infect users and organizations. Following our observations posted last quarter, FortiGuard Labs has continued to track many malware families, including Emotet, Qbot, and IcedID. We continue to find phishing emails that deliver malware through Microsoft Excel files, Microsoft Word documents, Windows shortcut files, and ISO image files.
To help organizations better identify and prevent phishing attacks and infections, this blog provides some of the most common details and techniques used by these malicious files for malware deployment.
Affected Platforms: Microsoft Windows
Impacted Users: Windows users
Impact: Controls victim’s devices, collects sensitive information, and delivers other malware
Severity Level: Critical

Phishing emails combined with social engineering continue to be the most common malware campaign strategy. Similar to previous quarters, the phishing emails we have tracked in Q3 of 2022 include a malicious file attachment or a link to a malicious site that downloads a malicious file. We have also observed HTML Smuggling, an evasive malware delivery technique widely used to create a password-protected ZIP file and save it on a victim’s device. It arrives either as an HTML Smuggling attachment or as an HTML Smuggling link. Both open in the browser, resulting in the download of a malicious file or files.
Figure 1 shows an HTML Smuggling file attached to an email. Once opened, a password-protected ZIP file is dropped, and the password in the email is required to unzip it.
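
For mail-gateway or attachment triage, the pattern described above (an HTML file that carries a password-protected ZIP) can be checked statically. The following is an added example, not code from Fortinet or the original post: it decodes long base64 runs in an HTML attachment, looks for a ZIP local file header, and reads the encryption bit from that header. The indicator list, function names, and the inert sample input are assumptions constructed for illustration.

```python
import base64, re, struct

# Browser APIs commonly combined in HTML smuggling pages (heuristic list, an assumption).
JS_INDICATORS = ("atob(", "new Blob(", "createObjectURL(", "msSaveOrOpenBlob(")
B64_RUN = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")
ZIP_LOCAL_HEADER = b"PK\x03\x04"

def embedded_zips(html):
    """Yield (first_entry_name, encrypted) for each base64 run that decodes to a ZIP."""
    for run in B64_RUN.findall(html):
        run = run[: len(run) - len(run) % 4]  # trim to a decodable length
        try:
            data = base64.b64decode(run)
        except ValueError:  # binascii.Error is a ValueError subclass
            continue
        if len(data) < 30 or not data.startswith(ZIP_LOCAL_HEADER):
            continue
        flags, = struct.unpack_from("<H", data, 6)      # general-purpose bit flag
        name_len, = struct.unpack_from("<H", data, 26)  # file name length
        name = data[30:30 + name_len].decode("cp437", "replace")
        yield name, bool(flags & 0x0001)                # bit 0 set = entry is encrypted

def triage(html):
    """Flag an HTML attachment that carries an encrypted ZIP plus download-building script."""
    zips = list(embedded_zips(html))
    hits = [tok for tok in JS_INDICATORS if tok in html]
    return {"js_indicators": hits, "zips": zips,
            "suspicious": bool(hits) and any(enc for _, enc in zips)}

def constructed_sample(encrypted=True):
    """Constructed, inert test input: a bare ZIP local file header, no payload, no working script."""
    name = b"invoice.iso"  # hypothetical entry name
    header = struct.pack("<4sHHHHHIIIHH", ZIP_LOCAL_HEADER, 20, int(encrypted),
                         0, 0, 0, 0, 0, 0, len(name), 0) + name
    b64 = base64.b64encode(header).decode()
    return f'<html><script>/* atob( new Blob( createObjectURL( */ var d="{b64}";</script></html>'

if __name__ == "__main__":
    print(triage(constructed_sample()))
```

This check only sees archives embedded as one contiguous base64 string; content that is split across variables or otherwise obfuscated needs script emulation or sandbox detonation instead.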
Fortinet Inc. published this content on 04 October 2022 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 05 October 2022 02:01:03 UTC.

