US federal authorities are assessing cybercriminals are likely using Internet query (IQY) files in their phishing campaign emails targeting US businesses, indicating a new tactic, technique, and procedure (TTP). Historically, most cybercriminal phishing campaigns used embedded macros or executables in order to run malicious code. By using IQY files, the malicious email has a higher chance of success by circumventing computer network and email filters due to a lack of malicious code embedded in the email attachment, with the IQY file using a simple web URL as its payload.
To read the full article and find an archive of related reporting, follow this link to READBOARD.
WWW.WAPACKLABS.COM
