The fact that phishing attacks have been on the increase for years is no longer a secret. Nevertheless, a large-scale spam campaign around the Trojan “Emotet” is currently causing fear and terror in Germany. Due to the acute danger, the Federal Office for Information Security (BSI) has issued a new warning.

That’s what makes Emotet so dangerous.

The malware reaches the computer via phishing mails. Once Emotet is in the system, disaster takes its course. The Trojan horse can be used to store various types of malware. Trojans that spy out access data for online banking are used particularly frequently. In addition, Ransomware can be distributed via Emotet, which encrypts files and deletes backups. In the following, a ransom is demanded for the release of the affected data.

Spread particularly difficult to stop

The spread of Emotet is particularly difficult to control. This is because the program is able to readout information about contact relationships and email content. Based on this information not only further victims can be identified, but also individual Spear phishing mails can be generated. This is how phishing emails seem to come from people with whom the receiver has only recently communicated. If even subject and content match past emails, trust is usually high enough to open attachments or click on links. This in turn causes the malware to reach the PC of its next victim.

This is how you should behave if your systems are infected

According to the BSI, Emotet led to serious production losses in several cases. If you notice the Trojan on your systems, you should immediately isolate any potentially infected systems from the network to prevent further propagation. To do this, remove the network cable. It is not sufficient to switch off the device. The affected systems should then be reinstalled. In addition, all stored passwords should be changed. It is also advisable to report the incident to the BSI and to inform your business partners.

This is what you should do to protect yourself from Emotet

In addition to the use of antivirus software, the BSI strongly advises you to install security updates for operating systems and application programs promptly and to perform regular offline backups. The most important measure recommended by the BSI, however, is the sensitization of employees, as they play a prominent role in the dissemination of and protection against Emotet. Since antivirus programs and filters don’t always reliably detect the latest versions of the Trojan, employees should know exactly how to detect personalized emails – and also be aware of what they shouldn’t do!

The first step should therefore be to inform employees about the current threat situation, e.g. through mailings or offline media such as posters. In order to ensure long-term awareness, however, a sustainable solution is needed to sensitise employees. This is where online solutions come in, e.g. classic eLearnings or phishing simulations. This confronts the employees with e-mails, which are e.g. exactly modelled to look like typical Emotet e-mails. In this way, your employees will continuously learn how to deal with the latest cyber attacks – in a time-saving manner.

About SoSafe

SoSafe tests, sensitizes and trains your employees in the correct handling of all types of social engineering attacks. We train your employees with a modern, easy-to-use SaaS tool and simulated attacks in the correct handling of cyber risks. Ask now for a non-binding test run at SoSafe. This will give you initial transparency about how vulnerable your organization is to such attacks. Cyber Security Awareness made in Germany