Return to site

The rising threat of Emotet in the US

· Security,Malware,Cybersecurity

Emotet spreads primarily as an email scam, using a method called thread hijacking where it replies to stolen email thread conversations and includes malware attachments.  Emotet aims to extort money from its victims, steal credentials or sell access to other cybercriminals.  In the US, you are 20% more like to become a victim of an Emotet attack compared to the rest of the world.

How does Emotet work?

  1. Emotet predominantly spreads via email scams containing this malware.
  2. It uses infected attachments, usually Word or Excel documents, in these emails.
  3. Once opened, these infected attachments install Emotet malware onto your device.
  4. Emotet then infiltrates your email conversations with messages containing malware.
  5. It sends iteself to your friends and family. This is called thread hijacking.

The US Department of Homeland Security identifies Emotet as highly dangerous malware with an equally expensive outlay to repair. The cost of deailing with each incident is estimaed to be around $1 million.

How can you protect yourself from Emotet?

  • Always install the security updates for your operating system as soon as they are available, as well on any other applications you have on your devices. These security patches are deisgned to keep you safe and having the most up-to-date versions is important.
  • Use your antivirus software. 
  • Never click on links in emails if you have question about the sender, or of the attachment.  Even if the sender seems legitimate, remember that they could be a covtim of Emotet thread hijacking. ou can lways contact the sender on a separate platform to ask what the link or attachment is.
  • Never pres the 'Enable Content' button in Microsoft Word or Excel if you have accidenttally opened a suspicious, questionable or unknown attachment.  This can initiate instructions that infect your device with Emotet.

More information is available here: