After almost a three-week holiday vacation, the Emotet trojan is back and targeting over eighty countries with malicious spam campaigns.
When Emotet sends spam campaigns the threat actors utilise various email templates that pretend to be invoices, reports, voice mails, holiday party invites, or even invites to a Greta Thunberg climate change demonstration.
These emails include malicious attachments that when opened will install the Emotet trojan.
Once installed, Emotet will use the victim’s computer to send further spam and will also download other infections such as TrickBot, which may ultimately lead to a Ryuk Ransomware infection depending on the target.
Emotet expert Joseph Roosen told BleepingComputer that on December 21st, 2019, Emotet stopped sending spam campaigns even though their command and control servers continued to run and issue updates.
Current Emotet campaigns being seen today include regular emails and reply-chain attacks pretending to be proof-of-delivery documents, reports, agreements, and statements.
Email security firm Cofense told BleepingComputer that they have seen spam campaigns targeting 82 countries, with a heavy targeting against the United States.
Examples of Emotet spam shared by Cofense with BleepingComputer pretend to be various reports being sent to the victim for their review as shown below. These emails will either include attached documents or links that can be used to download them.
For all of the seen campaigns, when a user opens the attachment they will be presented with a message stating that this “document only available for desktop or laptop versions of Microsoft Office Word.” It then prompts the user to click on ‘Enable editing’ or ‘Enable Content’ to view the document.
Help your users avoid falling foul of these campaigns and run them through Cyber Security Awaremess training to ensure they spot the fake emails before they cause massive damage.
With thanks to the Cyber Defence Alliance and BleepingComputer.com. The full story is here: https://www.bleepingcomputer.com/news/security/emotet-malware-restarts-spam-attacks-after-holiday-break/
Free Phishing Security Test
Would your users fall for convincing phishing attacks? Take the first step now and find out before the bad guys do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.
Here’s how it works:
- Immediately start your test for up to 100 users (no need to talk to anyone)
- Select from 20+ languages and customise the phishing test template based on your environment
- Choose the landing page your users see after they click
- Show users which red flags they missed, or a 404 page
- Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
- See how your organisation compares to others in your industry
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/phishing-security-test-partner?partnerid=001a000001lWEoJAAW