Jump to content

Emotet urges users to upgrade Microsoft Word in latest spam campaign


Recommended Posts

Emotet urges users to upgrade Microsoft Word in latest spam campaign

Microsoft Word

(Image credit: Shutterstock)

 

After disguising itself as a Windows 10 update earlier this month, the Emotet malware has now adopted a new template in which it pretends to be a message from Microsoft Office urging users to update Word in order to add a new feature.

 

 

The cybercriminals behind Emotet use a variety of different lures to trick unsuspecting users into opening their malicious attachments. In the past, Emotet spam campaigns have pretended to be invoices, shipping notices, purchase orders and even information about Covid-19.

 

All of these spam emails contain malicious Word documents that are either attached to the email itself or are downloaded by clicking on a link inside the email. Once a user opens one of these documents, they are prompted to “Enable Content” so that the malicious macros contained in the Word file will run and install the Emotet malware on a victim's computer.

 

To help trick unsuspecting users into enabling macros, Emotet spam campaigns use a number of different templates to create a sense of urgency. For instance, a spam email may request that a user sign off on an invoice or that they need to update their software, as is the case in this latest template.

Microsoft Word upgrade

In an effort to try and trick even more users, Emotet recently switched to a new template that pretends to be a message from Microsoft Office urging users to update Word in order to add a new feature.

 

 

The subject of these new emails is “Upgrade your edition of Microsoft Word” and the body of the email reads: "Upgrading your edition will add new feature to Microsoft Word. Please click Enable Editing and then click Enable Content.”

 

Once a user clicks on the Enable Content button, the malicious macros will execute and then download and install Emotet in a user's Local App Data folder.

 

What makes Emotet so dangerous is the fact that the malware is often used by cybercriminals to install other types of malware including Trickbot and QBot onto a victim's computer. Trickbot and QBot will then both attempt to steal passwords, banking details and other information stored on a user's computer.

 

To avoid falling victim to Emotet spam campaigns, users should carefully check their email and avoid opening messages and especially attachments from unknown senders. Also if a message seems too good to be true, than it likely is and any emails that implore a sense of urgency should also be avoided at all costs.

 

Via BleepingComputer

 

 

Emotet urges users to upgrade Microsoft Word in latest spam campaign

 

ThanksForReading200x49.jpg

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...