One of the most dangerous pieces of malware to-date, this trojan-turned-botnet has come back after a brief hiatus and appears to be a part of a new spear phishing campaign targeting organizations.
Emotet, once considered “among the most costly and destructive malware”, according to the U.S. Cybersecurity and Infrastructure Agency, has come back to life in a new campaign, according to threat researchers at Malwarebytes.
The campaign, aimed at organizations in both the United States and several specific European Union countries, is focused on getting potential victims to open and interact with an email using the subject of “Payment Remittance Advice”.
Recipients are presented with a Word doc attachment and the message “Your statement is attached. Please remit payment at your earliest convenience.”
This is dangerous malware – it’s a sophisticated credential-stealing piece of malware badness that cause organizations to incur massive costs, such as the $1 million price tag for the City of Allentown.
Organizations need to not just put users on alert to be watchful for emails seeking payment remittance, but engage them in ongoing Security Awareness Training as a last line of defense to ensure users understand the need for good security practices and to avoid any kind of suspicious email links and attachments.