Emotet, arguably one of the most active malware threats of the past five years, took a bit of a break during the summer months to receive an update and has returned now as a Windows Update attachment.
Emotet, an ever-evolving botnet, is spread through phishing and spam email campaigns containing malicious links and attachments. In recent weeks, it has been delivered as an attachment claiming to be a Windows Update, using a convincing email message explaining that windows applications require an update and the attached document contains instructions to perform the update. In reality, malicious macros are enabled, allowing for the installation of Emotet on the device, and in many cases leading to the installation of other threats such as ransomware. The best defense against Emotet and phishing campaigns is awareness that email attachments and links may be malicious. Users should never open an attachment from an email account that is not trusted or expected, never enable macros in MS Word, and ensure that an effective and up-to-date anti-malware program is installed and running on devices and in your organization’s environment.