The QBot ransomware family comprised nearly 88% of malicious payloads in those phishing emails. It’s all about the malware Drilling down into those malicious emails, PhishLabs said malware-laced emails delivered their payloads mostly as attachments, such as OneNote and Adobe documents and via HTML smuggling campaigns.

Source: SC Magazine