Categories: Ad Guardian PlusNews

Christmas-themed phishing at work

Christmas-themed phishing lures hit users’ emails from spammers behind Emotet. According to researchers, Cofense Labs discovered the phishing emails.

The attackers are trying to gain legitimacy with subject lines such as “Christmas” or “Christmas Party”. One phishing email posted to Twitter by the Cofense Labs read:

I have attached the menu for the Christmas Party next week. If you would like bring something, look at the list and let me know. Don’t forget to get your donations in for the money tree. Also, wear your tackiest/ugliest Christmas sweater to the party.”

Usually, these emails have malicious Word documents attached. Thus, two of their names are “Party Meny” and “Annual Holiday Lunch”. In order to read them, users have to “enable editing”. But clicking on the button executes embedded macros to install the Emotet Trojan. Once installed, the hackers can attempt ransomware downloads, send more spam and phishing emails.

Emotet’s evolution

Emotet was at the beginning a banking Trojan. Then, hackers rewrote it to act as a malware loader. Its operators sell access for anyone interested to use it as a malware distribution network.

In just nine months, between January and September 2018, Emotet malware was detected and removed over 1.5 million times, according to Malwarebytes. In July, US-CERT decided to realease an alert about it and its capabilities, which means the threat became very serious.

Christmas-themed phishing is not at all uncommon. In 2018, such a campaign targeted users in the United Kingdom. Trend Micro warned them at the time and worked to convince them automatically disable micros in their security settings.

Such moments are the ones preferred by hackers. When people are more relaxed and think about the nice things, they tend to forget that there are many serious threats in the online world. So, they pay less attention to the source of the messages they receive and tend to open such kind of emails.

Laurentiu Titei

Recent Posts

0x80370114 The Operation Could Not Be Started Because a Required Feature Is Not Installed

Are you unable to access the Linux environment, as a required feature, typically the Virtual…

9 hours ago

How to Make Google Docs Dark Mode

Being writers, we spend a lot of time on Google Docs, writing these tech guides…

9 hours ago

How to Pin Your Favorite Contacts to the Taskbar on Windows PC

Imagine one-click access to the people you communicate with most, directly from your computer’s Taskbar.…

1 day ago

Best Fan Speed Controller Software to Use on Windows

Is your CPU or GPU overheating, are you experiencing hardware damage, or are you experiencing…

1 day ago

How to Fix Greyed-Out Volume Options in Disk Management on Windows

Windows 11 extend volume greyed out is an annoying issue when you try extending the…

2 days ago

Epson L121 Driver Download and Install for Free

The Epson L121 printer is a reliable printing machine recognized for its fast print speed…

2 days ago