Emotet Malspam Campaign Uses Snowden’s New Book As Lure (Sep 23, 2019)
Emotet resumed its activity one week ago after months of dormancy. Emotet is considered one of the most prolific threats to organizations over this last year. Whilst Emotet continued to use old methods to trick users, by incorporating invoice themed subject lines (for example). It was found to have used Edward Snowden’s new book “Permanent Record” as a lure this week. Emotet has a large and successful botnet behind it and is usually followed up by a further infection after initial compromise. Malware such as Trickbot or Ryuk Ransomware can infect an end point after compromise. Emotet has been particularly up to date with the themes of its lure.
Recommendation: The use of current events in spearphishing campaigns is one aspect of phishing that all users must be aware of. Organisations can do much to protect their networks and data by implementing good security awareness programs. Usually such programs can include regular phishing exercises to help staff develop greater discernibility to detect emails that might be malicious.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.