Skip to Content
© Info723783 | Dreamstime.com
Security & privacy

Think twice before you download a Word doc – warning signs it’s hiding malware

There’s a gigantic storm of malware on the web that’s been brewing for some time now. Once it gets a hold of your email account, it will bombard you with deceptive messages that include malicious attachments. Open one and your system becomes part of its army of zombie computers that work to continue the spread.

Sound scary? Well, it’s real — and it’s one of the biggest malware threats of the past several years. Known as the Emotet botnet, this corrosive network of infected machines is notable for its relentless attacks and ability to change tactics on the fly. Tap or click here to see how Emotet recently reactivated after a 5-month slumber.

As the Emotet botnet continues to spread to computers all over the world, victims are noticing a sudden shift in the way their systems are getting infected. Instead of a scattershot approach using phishing links and various files, it’s now sending malicious Word documents that look completely authentic. Here’s what you need to keep an eye out for.

Emotet wants a Word with you

The Emotet malware is a multifaceted threat capable of wrecking even the most secure of computers. All it takes is accidentally opening one of its malicious files to make your computer part of the botnet horde, and removing the malware can be an entirely painful ordeal.

One of its most well-known behaviors is cutting-up and pasting text extracted from its victim’s emails — which allows it to masquerade as a legitimate contact so that victims won’t’ think twice about opening an infected attachment.

Tap or click here to see how Emotet pulls this trick off.

When it came to malicious attachments, Emotet used to rely on several different varieties. As of now, Word documents are still the most popular way for the botnet to spread — but as of August 25, Emotet appears to be using a brand new malware template to harm its victims.

According to reports from BleepingComputer, Emotet has switched to a new malicious file template dubbed “Red Dawn” for its red graphic design. When opened on a victim’s computer, it looks like an ordinary Word document with an alert that the user must enable editing to view. If you do this, Emotet triggers the malware to install itself.

In other words, by giving the document permission to open you’re granting it access to your entire computer.

Tap or click here to see why malicious Word documents are such bad news.

What can I do to stop Red Dawn?

Just like with any phishing email campaign, you’re only as vulnerable as you are naive. If you’re skeptical about emails you receive, avoid downloading unknown attachments and verify that all senders are who they say they are, you shouldn’t run into trouble.

But because Emotet can cut and paste materials from emails that your real-life contacts send, you’ll need to be much more specific when you get confirmation from them about messages. If you get an email from a friend with an attachment, call them up and ask them if they sent the message as soon as you get it. Read it to them out loud if needed.

Here are a few other important steps you can take to keep yourself from being harmed by Emotet.

If you’re worried that you’ve been infected already, now is the time to start scanning your computer for malware. If something is found, a good anti-malware suite can zap it and quarantine the file so it can do no harm. Plus, it never hurts to be prepared — even if your system is totally fine

 Tap or click here to see our favorite free anti-malware software suites.

Stop robocalls for good with Kim’s new eBook

Robocalls interrupt us constantly and scam Americans out of millions of dollars every year. Learn Kim's best tricks for stopping annoying robocalls in this handy guide.

Get the eBook