Emotet Spam Campaign
News | 02/11/2020

Nasty Emotet Trojan Stings US Taxpayers via Spam Campaign


The infamous Emotet Trojan is back! It is currently spreading at an alarming rate via spam e-mail campaigns. This new Emotet Spam Campaign intends to deceive US taxpayers into clicking malicious links or downloading deceptive attachments that claim to contain W-9 forms.

[Image: Emotet malicious document]

W-9 Forms are the first set of documents required by US taxpayers to file taxes. You may wonder why the novel Emotet spam campaign is primarily using these forms.

Well, the tax season in the United States has started & these spam campaigns are expected to develop & propagate even more as the final date for filing taxes approaches.

Read on to know more about this nasty Trojan, the new Spam Campaign & possible ways to remove Trojan.emotet from the system.

What is Emotet Trojan?

Emotet is the name of a nasty Banking Trojan that first came into the limelight in 2014. Originally, it was designed to break into systems via malvertising & steal users' sensitive information. The gathered information included banking credentials, usernames & passwords and e-mail addresses.

However, later & more advanced versions of the Emotet Trojan added malware delivery services, dropping other banking Trojans & malware.

Surprisingly, Emotet can smartly avoid detection by anti-malware solutions & applications. It possesses worm-like capabilities that help Emotet proliferate to other connected systems & spread malware.

No wonder the Emotet Trojan is considered the most devastating malware to have impacted government & private organizations and individuals. The impacted users & organizations had to spend up to $1M to get rid of this nasty Banking Trojan.

Insight into the new Emotet spam campaign

The devious Emotet Trojan has returned with a new phishing campaign that disguises its payload as W-9 form attachments.

The cyber-criminals behind this novel Emotet Spam Campaign are taking advantage of tax season in the United States. They manipulate taxpayers by sending out a large number of spam e-mails containing malicious links & infected attachments.

The e-mails claim to contain a signed W-9 form, a mandatory document required by US taxpayers to file taxes.

[Image: Emotet protected document]

According to a report by the Cofense researchers, the phishing e-mails sent out by the hackers are not complex. While some of the e-mails contain an attachment, others arrive with a link to download the document. A mere click on the attachment or link delivers Emotet to the user’s system.

Once the attachment is clicked, the malicious Emotet Word document opens & prompts the user to “Enable Content” to view the document.

Once the content is enabled, malicious macros launch a PowerShell command, which leads to the installation of the Emotet Virus on the targeted system.

While the current spread technique is not sophisticated, the researchers suspect the campaigns will get more complex as we move towards the annual filing date for taxes in the US.
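The chain described above (Word document, enabled macro, PowerShell) leaves a parent-child process relationship that defenders can hunt for in process-creation logs. The following is an added example, not part of the original article or the Cofense report; it assumes events such as Sysmon Event ID 1 have already been exported as dictionaries, and the field names, process lists and sample events are constructed for illustration.

```python
import ntpath

# Assumed lists: Office hosts that run macros, and interpreters they rarely need to spawn.
OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SHELLS = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe"}

# Constructed sample events (hypothetical field names), not from a real incident.
SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 4, "image": r"C:\Windows\explorer.exe", "cmdline": "explorer.exe"},
    {"pid": 200, "ppid": 100, "image": r"C:\Program Files\Microsoft Office\Office16\WINWORD.EXE",
     "cmdline": r'WINWORD.EXE /n "C:\Users\user\Downloads\W-9.doc"'},
    {"pid": 300, "ppid": 200, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": "cmd.exe /c <constructed placeholder>"},
    {"pid": 400, "ppid": 300, "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell.exe",
     "cmdline": "powershell <constructed placeholder>"},
    # Benign control: PowerShell started by the user from the desktop shell.
    {"pid": 500, "ppid": 100, "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe Get-Date"},
]

def basename(path):
    """Lower-cased file name of a Windows path, regardless of the analyst's OS."""
    return ntpath.basename(path).lower()

def office_ancestor(event, by_pid, max_depth=8):
    """Walk up the process tree; return the first Office ancestor, or None."""
    seen, ppid = set(), event["ppid"]
    for _ in range(max_depth):
        parent = by_pid.get(ppid)
        if parent is None or ppid in seen:  # tree ends or loops
            return None
        if basename(parent["image"]) in OFFICE:
            return parent
        seen.add(ppid)
        ppid = parent["ppid"]
    return None

def find_office_spawned_shells(events):
    """Flag script interpreters whose ancestry includes an Office application."""
    # Simplification: PIDs are treated as unique; real logs need a process GUID
    # or timestamps to cope with PID reuse.
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        if basename(e["image"]) in SHELLS:
            office = office_ancestor(e, by_pid)
            if office is not None:
                alerts.append((e["pid"], basename(e["image"]), basename(office["image"])))
    return alerts

if __name__ == "__main__":
    for alert in find_office_spawned_shells(SAMPLE_EVENTS):
        print("ALERT pid=%d %s descended from %s" % alert)
```

Walking the full ancestry rather than only the direct parent catches the case where the macro starts an intermediate cmd.exe before PowerShell.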

How does Emotet Trojan Spread?

1). By Spam E-mail Campaigns containing fraudulent links & infected attachments

[Image: Emotet malicious e-mail]

2). Uses Brute-Force Attacks to break into connected systems

3). Uses vulnerabilities such as EternalBlue/DoublePulsar, which also led to the WannaCry & NotPetya Attacks.

Tips from Federal Trade Commission to avoid getting infected

The Federal Trade Commission (FTC) declared the first week of February 2020 as Tax Identity Theft Awareness Week, in light of the Emotet Spam Campaign. The FTC rolled out a few tips to help people protect their identity during tax season in the United States.

1). People are requested to protect their Social Security Number (SSN) throughout 2020 & avoid sharing it unless there’s a valid reason.

2). It is advisable to file the tax returns as early as possible in the tax season.

3). Consider using a secure Internet connection while filing your tax return electronically; otherwise, use the post office to mail your tax returns.

4). Avoid handing over personal information unless you feel secure about the Tax Preparer.

5). Check your credit report online at least once a year. Make certain no two accounts exist online with your name.

Emotet removal instruction | Virus Removal Guide

Once it infects a system, the Emotet Trojan can infect the entire organization in no time. To check if Emotet has infected your system, use the new EmoCheck tool released by CERT Japan.

If you suspect an infection via the novel Emotet Spam Campaign, immediately check the extent of the damage caused. If the infection has not spread beyond the initially targeted system, disconnect that system from the network to prevent the infection from proliferating.

However, if the infection has spread, you can follow the steps given below:

1). Close down the entire Network.

2). Secure the system & network by reducing its surface of vulnerability.

3). Remove the malware by using reliable antivirus solutions such as Vipre and BullGuard.

Virus Removal Guidelines
Plot No 319, Nandpuri- B Pratap Nagar
Jaipur
Rajasthan 302033
Phone: +91 9799661866