Emotet is now running in the US presidential election with a new spam campaign pretending to come from the Democratic National Assembly's Team Blue initiative.
When the Emotet gang sends spam, their main goal is to persuade the recipients to open the attached malicious document. This is usually done through email subjects who pretend to send documents, invoices, payment receipts and voice messages.
During holidays or major political events, the Emotet gang is known to send various emails to persuade them users to open attachments. These emails include invitations to a party or even a Greta Thunberg show.
Once the attachments are opened and activated macros, Emotet malware will be installed on a computer. It will then steal your emails and use your computer to send further spam.
Emotet is trying to take advantage of the 2020 elections
A few days after the first presidential debate, the menace behind Emotet launches a new spam campaign pretending to be from the DNC.
This new campaign pretends to be from the Democratic Party's "Team Blue Take Action" initiative, asking for volunteers to help Democrats get elected to elections of 2020.
According to ProofPoint, which spotted this new Emotet campaign, spam emails use email themes such as "Team Blue Take Action", "Valanters 2020", "List of Works" and "Volunteer".
Malicious documents are also named to match the subject of the email and have names files such as "Team Blue Take Action.doc", "List of works.doc", "Valanters 2020.doc" and "Volunteer.doc".
When the email is opened, the attachments will pretend to be created by a device iOS and you will be asked to click on "Enable Content" to view them correctly.
Once you turn it on contentHowever, malicious macros will start downloading and installing the Emotet trojan on your computer.
The Trojan will run silently in the background while using it computer to send further spam and download other malware to your computer.
As a general rule, never open attachments from anyone without confirming by phone that the file was actually sent to you. You should also always be careful when activating content or macros in any attachment you receive.