Emotet is here… and you should be aware
Viruses and malware often go by bizarre names and Emotet (most likely a play on the ancient Egyptian priest Imhotep) is no exception, but don’t let the strange names fool you. Emotet is here to steal your details.
Whilst Emotet has been around since 2014, one of the more alarming items that has come to light is the fact that Emotet is able to change its identity and appearance making it harder for anti-virus software to detect and destroy.
How does Emotet work?
Emotet is distributed thorough spam campaigns and phishing attacks. These emails will typically say they have an invoice attached, but you will need to login to get it. Once Emotet has got a set of credentials, a download will start on the computer and it will install itself.
Emotet will not only go through your contacts and email them to start the process again, it will also scan your network and try to gain access to other computers and servers and spread itself across the network, replicating everything it does.
What does Emotet do?
One of the primary functions of Emotet is to capture online banking details, meaning that an attacker can seriously damage your business. Emotet also could let other viruses and malware onto your system, making not only your bank, but also your internal systems available to a myriad of attackers. Other negative consequences may include:
Should I be concerned?
Everyone should be aware of the impact that infections like Emotet pose. Downtime from the result of such an infection can be expensive- the loss of funds from a bank account is just one of the issues that arise after an attack, especially if you don’t find out for some time. Unfortunately, there is no silver bullet when it comes to IT security. There is, however, the concept of layered security that can make it more difficult for an attacker to gain access to your systems (and your bank)
How can I prevent this sort of attack from happening?
Using a layered security approach, you can minimise the risk to your company by taking the following steps:
Consider implementing the best practices outlined by Cyber Essentials. If you’re unsure about what technology is currently in use to protect your network, contact MDI Networks and we can review your options to keep you secure.