Increase in Emotet Malware Attacks via Email
This is just a quick note to remind customers to be vigilant when reading email.
In recent days there has been an increase in malware attacks by a family of malware, and cybercrime operation, known as Emotet. [1] The Cybersecurity and Infrastructure Security Agency (CISA) recently posted an update regarding Increased Emotet Malware Activity. [2]
Some main points to be aware of include…
- Emotet is usually installed when you open a spam email attachment.
- Emotet can steal your personal information, including your banking user names and passwords.
- Emotet is a Trojan that is primarily spread through spam emails (malspam). The infection may arrive via a malicious script, macro-enabled document files, or a malicious link. Emotet emails may contain familiar branding designed to look like a legitimate email. Emotet may try to persuade users to click the malicious files by using tempting language about “Your Invoice,” “Payment Details,” or possibly an upcoming shipment from well-known parcel companies. [3]
- Emotet is a polymorphic banking Trojan. Its use of obfuscation helps it evade the typical signature-based detection used by anti-malware products.
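The delivery traits listed above can be checked mechanically when a suspicious message is evaluated. The following Python code is an added example, not part of the original notice or of any Widomaker tooling; the extension lists, the `triage` function and the sample message are assumptions constructed for illustration. It flags delivery traits rather than file signatures, since polymorphic samples change the latter.

```python
import os
import re
from email import message_from_string, policy

# Traits named in the notice; the extension sets are assumptions of this example.
MACRO_EXTS = {".doc", ".docm", ".dotm", ".xls", ".xlsm", ".pptm"}
SCRIPT_EXTS = {".js", ".jse", ".vbs", ".wsf", ".hta", ".ps1"}
LURES = ("your invoice", "payment details", "shipment")
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def triage(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    subject = str(msg["Subject"] or "").lower()
    findings = ["lure-subject:" + l for l in LURES if l in subject]
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        if name:
            # Only the final extension decides how Windows opens the file,
            # so "invoice.pdf.js" is classified as a script.
            ext = os.path.splitext(name.lower())[1]
            if ext in MACRO_EXTS:
                findings.append("macro-attachment:" + name)
            elif ext in SCRIPT_EXTS:
                findings.append("script-attachment:" + name)
        elif part.get_content_type() in ("text/plain", "text/html"):
            if URL_RE.search(part.get_content()):
                findings.append("link-in-body")
    return findings

# Constructed sample message (not a real Emotet email).
SAMPLE = "\n".join([
    "From: billing@example.invalid", "To: user@example.invalid",
    "Subject: RE: Your Invoice", "MIME-Version: 1.0",
    'Content-Type: multipart/mixed; boundary="b1"', "",
    "--b1", "Content-Type: text/plain; charset=utf-8", "",
    "Please see attached, or view it at http://example.invalid/inv",
    "--b1", 'Content-Type: application/octet-stream; name="invoice.docm"',
    'Content-Disposition: attachment; filename="invoice.docm"',
    "Content-Transfer-Encoding: base64", "", "Y29uc3RydWN0ZWQ=",
    "--b1--", "",
])

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

A finding is a reason to look more closely at a message, not proof of infection; ordinary invoices can trip the same checks.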
Suggestions for how to avoid this threat include…
- Keep your computer’s operating system and anti-virus software up to date. Windows 10 users can visit this page for instructions to update Windows 10.
- Don’t download or open suspicious attachments, or click shady-looking links, in email messages, even if those messages appear to come from someone you know, or look like they were in reply to a message you sent.
- If you receive a suspicious message and are not sure if it is legitimate, don’t click any links or open any attachments. Feel free to forward the suspicious message to us for evaluation. Instructions may be found in the Widomaker Weblog article “How To Forward Suspicious Email Messages For Evaluation.”
https://weblog.widomaker.com/knowledge-base/how-to-forward-suspicious-email-messages-for-evaluation/
When forwarding suspicious messages, be sure to forward them “as an attachment.” Instructions may be found in the “How to Forward a Message as an Attachment” section of the same article.
- Stay alert and use caution when opening email. For additional reading about Emotet, see the following webpages…
https://www.malwarebytes.com/emotet/
https://en.wikipedia.org/wiki/Emotet
If you suspect you’ve already been infected by Emotet…
- Use anti-virus software, such as Windows Defender Antivirus [4] or Microsoft Safety Scanner [5], to detect and remove this threat.
- Scan all other computers on the same network.
- Change passwords for any accounts that were saved on, or accessed from, the infected computer(s), especially banking, financial, and email accounts. [6,7] Use a strong and unique password.
- Contact Widomaker, or a local computer shop, for assistance, if necessary. [8]
Notes:
[1] “Emotet.” Wikipedia. Wikimedia Foundation, January 3, 2020. https://en.wikipedia.org/wiki/Emotet
[2] “Increased Emotet Malware Activity.” Accessed January 24, 2020. https://www.us-cert.gov/ncas/current-activity/2020/01/22/increased-emotet-malware-activity
[3] “Emotet Malware – An Introduction to the Banking Trojan.” Malwarebytes. Accessed January 24, 2020. https://www.malwarebytes.com/emotet/
[4] “Windows Defender Antivirus” https://www.microsoft.com/en-us/windows/windows-defender
[5] “Microsoft Safety Scanner Download – Windows Security.” https://www.microsoft.com/en-us/wdsi/products/scanner
[6] “How to Change Your Widomaker E-mail Password” https://weblog.widomaker.com/knowledge-base/how-to-change-your-e-mail-password/
[7] “How to Pick a Proper Password (Video)” https://weblog.widomaker.com/knowledge-base/how-to-pick-a-proper-password-video/
[8] “Local Computer Shops” https://weblog.widomaker.com/local-computer-shops/