Emotet, the malware campaign that has been causing havoc for computer systems all over the world, has reappeared with a new approach to infecting devices. An email attachment claiming to be from Windows Update and instructing users to upgrade Microsoft Word is now being used to lure unsuspecting victims into downloading the malicious software.
The malware works by first sending spam emails that contain either a Word document attachment or a download link. Victims will then be prompted to ‘Enable Content’ to allow macros to run on their device, which will install the Emotet Trojan.
The new document template being used to trick victims into downloading these macros takes the guise of a Windows Update message. Previous Emotet templates have purported to be from Windows 10 Mobile, Office 365 and the Widows Office Activation Wizard.
Emotet has been one of the most prevalent online threats since at least last year and one of the ways that it has achieved its longevity is by subtly shifting its method of attack. Earlier this month, the malware entered the political arena by piggybacking on the US presidential election in order to dupe potential victims.
Although when Emotet was initially discovered it operated as a banking trojan, today it is more commonly used as a method to distribute other malware strains, including Trickbot, QBot and related ransomware. Its ability to evade detection makes it one of the most effective malware campaigns of recent times.
With the recent Emotet resurgence, online users need to be particularly vigilant against malicious spam emails. It’s good practice to never open an email unless it’s from a trusted sender and to always ensure that your security software is up-to-date. And with regard to Emotet specifically, if you receive an email attachment asking you to enable macros on Microsoft Word, it’s probably best to ignore it.
Sign up to get breaking news, reviews, opinion, analysis and more, plus the hottest tech deals!
TechRadar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.
Emotet, Microsoft Windows, Windows Update
World news – GB – This nasty malware has disguised itself as a Windows 10 update