The infamous Emotet Trojan is back! It is currently spreading at an alarming rate via spam e-mail campaigns. This new Emotet Spam Campaign aims to deceive US taxpayers into clicking malicious links or downloading deceptive attachments that claim to contain W-9 forms.
W-9 forms are the first set of documents US taxpayers require to file taxes. You may wonder why the new Emotet spam campaign primarily uses these forms.
Well, tax season in the United States has kicked off & these spam campaigns are expected to develop & propagate even more as the final date for filing taxes approaches.
Read on to know more about this nasty Trojan, the new Spam Campaign & possible ways to remove Trojan.emotet from the system.
Emotet is the name of a nasty Banking Trojan that first came to light in 2014. Originally, it was designed to break into systems via malvertising & steal users' sensitive information. The gathered information included banking credentials, usernames & passwords and e-mail addresses.
However, later & more advanced versions of the Emotet Trojan added malware delivery services, dropping other banking Trojans & malware onto infected systems.
Emotet can also avoid detection by anti-malware solutions & applications. It possesses worm-like capabilities that help it proliferate to other connected systems & spread malware.
No wonder the Emotet Trojan is considered the most devastating malware to have impacted government & private organizations and individuals. The impacted users & organizations had to spend up to $1M to get rid of this nasty Banking Trojan.
The devious Emotet Trojan has returned with a new phishing campaign that disguises its payload as W-9 form attachments.
The cyber-criminals behind this new Emotet Spam Campaign are taking advantage of tax season in the United States. They manipulate taxpayers by sending out a large number of spam e-mails containing malicious links & infected attachments.
The e-mails claim to contain a signed W-9 form, a mandatory document US taxpayers require to file taxes.
According to a report by the Cofense researchers, the phishing e-mails sent out by the hackers are not complex. While some of the e-mails contain an attachment, others arrive with a link to download the document. A mere click on the attachment or link delivers Emotet to the user’s system.
Once the attachment is clicked, the malicious Emotet Word document opens & prompts the user to “Enable Content” to view the document.
Once the content is enabled, malicious macros launch a PowerShell command, which leads to the installation of the Emotet virus on the targeted system.
While the current spread technique is not sophisticated, the researchers suspect the campaigns will get more complex as we move towards the annual tax filing date in the US.
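The macro-to-PowerShell step described above is visible in process-creation telemetry as an Office application with a shell somewhere beneath it. The following detection sketch is an added example, not part of the original article: it assumes process-creation records that use Sysmon Event ID 1 field names, exported one JSON object per line, and runs over a constructed sample log.

```python
import json
from ntpath import basename  # parses Windows paths on any OS

OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SHELLS = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe", "cscript.exe"}

# Constructed sample (not from a real incident): process-creation records using
# Sysmon Event ID 1 field names, one JSON object per line.
SAMPLE_LOG = r"""
{"ProcessId": 100, "ParentProcessId": 4, "Image": "C:\\Windows\\explorer.exe"}
{"ProcessId": 200, "ParentProcessId": 100, "Image": "C:\\Program Files\\Microsoft Office\\WINWORD.EXE"}
{"ProcessId": 300, "ParentProcessId": 200, "Image": "C:\\Windows\\System32\\cmd.exe"}
{"ProcessId": 400, "ParentProcessId": 300, "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"}
{"ProcessId": 500, "ParentProcessId": 100, "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"}
{"ProcessId": 600, "ParentProcessId": 100, "Image": "C:\\Program Files\\Microsoft Office\\EXCEL.EXE"}
"""

def office_ancestor(pid, procs):
    """Walk up the parent chain; return the Office process name if one is found."""
    seen = set()  # guards against loops in malformed data
    while pid in procs and pid not in seen:
        seen.add(pid)
        name = basename(procs[pid]["Image"]).lower()
        if name in OFFICE:
            return name
        pid = procs[pid]["ParentProcessId"]
    return None

def find_office_spawned_shells(log_text):
    """Return (office_app, shell, pid) for every shell with an Office ancestor."""
    events = [json.loads(line) for line in log_text.splitlines() if line.strip()]
    # Simplification: keyed by PID. PIDs are reused over time, so production
    # logic should key on Sysmon's ProcessGuid / ParentProcessGuid instead.
    procs = {e["ProcessId"]: e for e in events}
    alerts = []
    for e in events:
        child = basename(e["Image"]).lower()
        if child in SHELLS:
            origin = office_ancestor(e["ParentProcessId"], procs)
            if origin:
                alerts.append((origin, child, e["ProcessId"]))
    return alerts

if __name__ == "__main__":
    for origin, child, pid in find_office_spawned_shells(SAMPLE_LOG):
        print(f"ALERT: {child} (pid {pid}) descends from {origin}")
```

Walking the full parent chain catches the case where the macro starts PowerShell through an intermediate `cmd.exe`, while the PowerShell session started from `explorer.exe` is left alone.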
1). By Spam E-mail Campaigns containing fraudulent links & infected attachments
2). Uses Brute-Force Attacks to get into connected systems
3). Uses vulnerabilities such as EternalBlue/DoublePulsar, which also led to the WannaCry & NotPetya attacks.
The Federal Trade Commission (FTC) declared the first week of February 2020 as Tax Identity Theft Awareness Week, in light of the Emotet Spam Campaign. The FTC rolled out a few tips to help people protect their identity during tax season in the United States.
1). People are requested to protect their Social Security Number (SSN) all through 2020 & avoid sharing it unless there’s a valid reason.
2). It is advisable to file tax returns as early as possible in the tax season.
3). Use a secure Internet connection when filing your tax return electronically, or else mail your tax returns from the post office.
4). Avoid handing over personal information unless you feel secure about the Tax Preparer.
5). Check your credit report online at least once a year. Make certain no two accounts exist online in your name.
Once it infects a system, the Emotet Trojan can infect the entire organization in no time. To check if Emotet has infected your system, use the new EmoCheck tool released by CERT Japan.
If you suspect an infection via the new Emotet Spam Campaign, immediately check the extent of the damage caused. If the infection has not spread beyond the initially targeted system, disconnect that system from the network to prevent the infection from proliferating.
However, if the infection has spread, you can follow the steps given below:
1). Shut down the entire network.
2). Secure the system & network by reducing its surface of vulnerability.
3). Remove the malware by using reliable antivirus solutions such as Vipre and BullGuard.