The New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) has issued an alert after increased reports of a new round of emails containing Emotet infected attachments. Emails containing the Emtot infected attachments slowed during the summer, the threat actors behind the Emotet trojan continue to increase their activity, with a large uptick occurring starting in early September. Based on information from the NJCCIC’s email security solution, threat actors are attempting to deliver Emotet-laden emails to NJ State employees at a significant rate, consistent with reporting from other private and government entities.

Phishing email themes associated with this campaign vary; however, many of the emails sent to NJ State employees referenced past due payments or included the recipient’s first and last name in the subject line. Several entities reported that the recent attacks were launched from compromised email accounts in which the operators utilized previous email threads to send malicious emails to known contacts. The emails contained malicious Word or ZIP files, which are used to deliver the Emotet trojan.

Screenshot - Example of malicious email
Sample email with malicious attachment.

 

The NJCCIC recommends organizations implement a defense-in-depth cybersecurity strategy that includes an endpoint detection and response solution, email security gateway, user awareness training, and a comprehensive data backup plan.

Related: Remain vigilant for scams related to Coronavirus

powersolution recommends implementing an email security gateway that will detect impostor emails or emails that contain malicious attachments. Additionally, powersolution has security solutions to address the guidance provided by the NJICCIC. If interested in learning more about Emotet, prevention tips, or solutions to help increase the overall security posture of your Organization, please contact us through our website powersolution.com, or give us a call 201-493-1414 opt 1.

 

How is your state of IT?

Call Us: (201) 493-1414

Related Articles

Email Best Practices
How Businesses Can Securely Work From Home (VPN Guidance)
Reopening the Workplace After COVID-19: Technology Considerations
Data Security: What Can You Do To Mitigate Risk
4 Common Threats to Your Data
Multiple Active Phishing Campaigns Targeting O365 Credentials
Twitter Hacked in Coordinated Social Engineering Attack
Has your info and password been hacked? – Latest breach had compromised billions of records
Reputable highly rated Small Business IT services and tech support company in New Jersey - powersolution industry awards
Scroll to Top