Categories: Ad Guardian PlusNews

Christmas-themed phishing at work

Christmas-themed phishing lures hit users’ emails from spammers behind Emotet. According to researchers, Cofense Labs discovered the phishing emails.

The attackers are trying to gain legitimacy with subject lines such as “Christmas” or “Christmas Party”. One phishing email posted to Twitter by the Cofense Labs read:

I have attached the menu for the Christmas Party next week. If you would like bring something, look at the list and let me know. Don’t forget to get your donations in for the money tree. Also, wear your tackiest/ugliest Christmas sweater to the party.”

Usually, these emails have malicious Word documents attached. Thus, two of their names are “Party Meny” and “Annual Holiday Lunch”. In order to read them, users have to “enable editing”. But clicking on the button executes embedded macros to install the Emotet Trojan. Once installed, the hackers can attempt ransomware downloads, send more spam and phishing emails.

Emotet’s evolution

Emotet was at the beginning a banking Trojan. Then, hackers rewrote it to act as a malware loader. Its operators sell access for anyone interested to use it as a malware distribution network.

In just nine months, between January and September 2018, Emotet malware was detected and removed over 1.5 million times, according to Malwarebytes. In July, US-CERT decided to realease an alert about it and its capabilities, which means the threat became very serious.

Christmas-themed phishing is not at all uncommon. In 2018, such a campaign targeted users in the United Kingdom. Trend Micro warned them at the time and worked to convince them automatically disable micros in their security settings.

Such moments are the ones preferred by hackers. When people are more relaxed and think about the nice things, they tend to forget that there are many serious threats in the online world. So, they pay less attention to the source of the messages they receive and tend to open such kind of emails.

Laurentiu Titei

Recent Posts

Best Free PDF to JPG Converter to Use Online in 2025

While PDF is among the most secure file formats available, sometimes it becomes inevitable that…

17 hours ago

Best Screen Recording Software for PC

This article will be your favorite read of the day if you are a marketer,…

17 hours ago

Best Software Deployment Strategies to Use in 2025

If you wish to deploy a new software, then this article lists and explains some…

2 days ago

Apple Mobile Device USB Driver Download and Install in Windows 11/10

If you wish to proceed with the methods to Apple Mobile Device USB driver download,…

3 days ago

Best Methods to Activate Flash in Google Chrome in 2025

If you wish to activate Flash in Chrome, you can take the help of this…

4 days ago

Download SCR3310 Driver for Windows 11 and 10

Let’s have a look at some of the best methods to execute the SCR3310 driver…

6 days ago