Notorious Emotet malware resurfaces
The well-known piece of malware originally used to steal data from email address books has re-emerged in a significantly advanced form.
Hackers have now upgraded the Emotet malware to not only capture a victim’s email address book, but to also capture and extract entire email conversations from the last 180 days. What makes this significant is that it represents a change in tactics by cyber criminals as they are now developing advanced techniques in order to carry out targeted attacks.
The most common method of attack is through phishing emails, using the following techniques:
- Inserting malicious URL links into the body of emails.
- Adding fake attachments such as invoices.
- Attacking specific individuals or teams within an organisation, otherwise known as spear phishing.
Clicking on these malicious links and/or attachments will infect machines and allow the hackers a point of entry into an organisation’s computer network. Incidents of this nature are often very costly and can potentially take months to rectify.
Martin Swann of Vantage Professional Risks commented:
“Malware and Ransomware are constant exposure for all businesses. With the code constantly evolving it is imperative that any patches and upgrades to the software used are installed when released to ensure you have the most up to date protection. Awareness training with staff around identification of a phishing attempts and procedures for dealing with fake emails and malicious attachments can further reduce your exposure to a breach.
Given the increase threats and enhanced regulation around data privacy having insurance protection in place to cover the costs of a breach is arguably a necessity now for all businesses.”