See if your email was used in Emotet attacks

The new Have I Been Emotet service lets you check whether a domain or email address of yours was involved in Emotet spam.

Emotet is a malware infection that spreads through spam emails containing malicious Word or Excel document attachments. When the victim opens such a file and enables macros in Word or Excel, Emotet is installed on their computer.

Once it has infected a machine, Emotet steals the victim's email and transmits it back to servers under the attacker's control. These emails are then used in future spam campaigns, to make the spam content look legitimate.

Over time, the Emotet trojan will download and install other malware, such as TrickBot and QakBot, on an infected user's computer. These trojans are known to lead to ransomware attacks by Ryuk, Conti and ProLock ransomware operators.

The Emotet trojan also steals e-banking codes from the victim, which prompted the Cybercrime Prosecution to issue a warning to Greek internet users.

Today, the Italian cyber security company TG Soft launched a new service called Have I Been Emotet, which lets you check if a domain or email address has been used as a sender or recipient of Emotet spam campaigns.

TG Soft reports that their database consists of controlled outgoing emails created by Emotet between August and September 23, 2020. During this period, they collected over 2.1 million email addresses from approximately 700,000 outgoing emails.

To use the service, you can simply enter a domain or email address and it will let you know how many times the email address or domain has been used as the sender or recipient of an email.

For example, using this service, we can see that the domain microsoft.com was used in recent Emotet campaigns and that the company received Emotet spam forty times.

If you use this service and find that your email address or domain has been used as a recipient, this does not necessarily mean that you are infected. To be infected, a user would have to open the email attachments and enable the macros, and only then is the malware installed.

On the other hand, if your domain has users marked as a "REAL" sender, then it is possible that one of your email domain users was infected, and your computers need to be thoroughly investigated.


Written by Dimitris
