Emotet activity resumed in March, with the botnet delivering macro-laden malicious documents inside zip file attachments to emails.
The documents use social engineering tactics to encourage the user to enable macros, as Microsoft disabled macros by default in 2022. The botnet also uses binary padding to artificially inflate the file size in order to avoid triggering some security solutions.
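A defensive check for the padding technique described above, as an added example that is not part of the original article: it flags zip members with an extreme compression ratio and a long run of one repeated trailing byte. The thresholds, the function names, and the assumption that the padding is a run of identical bytes (which compresses very well) are illustrative, and the sample archive is constructed in memory.

```python
import io
import zipfile

# Thresholds are assumptions for illustration; tune them against real mail flow.
MAX_RATIO = 100           # uncompressed / compressed size above this is unusual
MIN_TAIL_FRACTION = 0.9   # share of the file that is one repeated trailing byte
MAX_READ = 64 * 1024 * 1024  # do not decompress members larger than this


def trailing_run_fraction(data: bytes) -> float:
    """Fraction of the file taken up by a run of one repeated byte at its end."""
    if not data:
        return 0.0
    return (len(data) - len(data.rstrip(data[-1:]))) / len(data)


def inspect_zip(blob: bytes) -> list:
    """Return a finding for each archive member that looks artificially inflated."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.file_size == 0:
                continue
            ratio = info.file_size / max(info.compress_size, 1)
            tail = None  # unknown when the member is too large to unpack safely
            if info.file_size <= MAX_READ:
                with zf.open(info) as fh:
                    tail = trailing_run_fraction(fh.read(MAX_READ))
            if ratio > MAX_RATIO and (tail is None or tail >= MIN_TAIL_FRACTION):
                findings.append({"name": info.filename, "size": info.file_size,
                                 "ratio": round(ratio, 1), "tail": tail})
    return findings


def build_sample() -> bytes:
    """Constructed sample: a 4 KiB stand-in document padded with 8 MiB of zeros."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("invoice.doc", bytes(range(256)) * 16 + b"\x00" * (8 << 20))
        zf.writestr("readme.txt", b"Quarterly figures attached.\n" * 20)
    return buf.getvalue()


if __name__ == "__main__":
    for finding in inspect_zip(build_sample()):
        print(finding)
```

Members larger than `MAX_READ` are judged on the archive's size metadata alone, so the attachment is never fully unpacked just to be scored.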
To avoid getting infected by malicious spam emails, users should be cautious of emails from unknown senders or with suspicious subject lines. These types of emails are often paired with social engineering techniques that are designed to get recipients to click on a link or download an attachment containing malware.
Malware is malicious software which, if able to run, can cause harm in many ways, including:
causing a device to become locked or unusable
stealing, deleting or encrypting data
taking control of your devices to attack other organisations
'mining' cryptocurrency
using services that may cost you money (e.g. premium rate phone calls)
obtaining credentials which allow access to your organisation's systems or services that you use.
Using spam filters can also help automatically filter out suspicious or unwanted emails before they reach the user’s inbox. By following these precautions, both individual users and organizations can greatly reduce the risk of getting infected by malicious spam emails.
The NCSC has guidance on implementing email security solutions such as SPF, DKIM and DMARC and how to mitigate against malware attacks.