Emotet phishing emails are making a comeback.
What is an Emotet phishing email?
Emotet is essentially a credential-stealing trojan. At first they appear to be fairly ordinary – disguised as fake invoice notice or often a pdf file as below:
It’s far too easy to make the mistake and accidentally download it, infecting your computer
What does it do?
As we said, it’s a credential-stealing phishing email, it will steal your email/Office 365 credentials and look to automatically forward the same file or email to any of your contacts you ever sent of received an email from (not just your address book) and look to steal their credentials and repeat the process.
The goal is to compromise as much accounts as it can and steal any information it can from either your emails or any document you’ve ever sent or received.
How to prevent/stop it?
Following simple steps means you can prevent this attack.
- Always exercise caution when you receive an email attachment
- You’ll never be asked to enter your corporate username/password to open an attachment. If it’s from a legitimate source – password protection will be set before the email is sent or within the email.
If you receive an email with an oversized icon as the PDF file above, delete it.
If you have already accidentally opened one of these – best practice is to immediately change your password to something very secure. If you’re having issues we’re here to help so please contact us below or give us call on 02890897650.