It’s Baaaaaaaack! Emotet Trojan Rears Its Ugly Head Once Again After a 3-Month Vacation

emotet-banking-malwareOne of the most dangerous pieces of malware to-date, this trojan-turned-botnet has come back after a brief hiatus and appears to be a part of a new spear phishing campaign targeting organizations.

Emotet, once considered “among the most costly and destructive malware”, according to the U.S. Cybersecurity and Infrastructure Agency, has come back to life in a new campaign, according to threat researchers at Malwarebytes.

The campaign, aimed at organizations in both the United States and several specific European Union countries, is focused on getting potential victims to open and interact with an email using the subject of “Payment Remittance Advice”.

Recipients are presented with a Word doc attachment and the message “Your statement is attached. Please remit payment at your earliest convenience.”

This is dangerous malware – it’s a sophisticated credential-stealing piece of malware badness that cause organizations to incur massive costs, such as the $1 million price tag for the City of Allentown.

Organizations need to not just put users on alert to be watchful for emails seeking payment remittance, but engage them in ongoing Security Awareness Training as a last line of defense to ensure users understand the need for good security practices and to avoid any kind of suspicious email links and attachments.

Request A Demo: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Request a Demo!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews