Cyber Criminals Likely Using IQY Files in Phishing Campaigns
US federal authorities are assessing cybercriminals are likely using Internet query (IQY) files in their phishing campaign emails targeting US businesses, indicating a new tactic, technique, and procedure (TTP). Historically, most cybercriminal phishing campaigns used embedded macros or executables in order to run malicious code. By using IQY files, the malicious email has a higher chance of success by circumventing computer network and email filters due to a lack of malicious code embedded in the email attachment, with the IQY file using a simple web URL as its payload.
To read the full article and find an archive of related reporting, follow this link to READBOARD.