Email scams often contain elaborate details to entice you into clicking a link or opening an attachment. Usually, there is some heartfelt backstory to why you must open that document or a severe threat of what will happen if you don’t.
These are relatively easy to spot as suspicious if they didn’t end up in your email spam folder. But scammers never stick to the same tactics. Malware is constantly developed to circumvent security measures.
Read on to see how a clever new phishing scheme makes it easier to spread malware.
Here’s the backstory
Emotet is a dangerous malware variant that started wreaking global havoc years ago. It was so devastating that international law enforcement agencies worked together to bring it down in early January of 2021.
It seemingly disappeared for good, only to show up again last November. The malware was once described as “the most dangerous malware botnet in existence” as it locks infected devices into a worldwide botnet system controlled by hackers.
But security researchers at Proofpoint discovered how the malware now tricks victims into opening a malicious attachment. Instead of a long-winded introduction or heartfelt plea, the latest tactic is a one-word subject line in the email.
Researchers noted that it simply read “Salary” or Payment” in most cases with an attachment in the email’s body. The one-word subject might entice people to open the email and click the link. But if you do, your device will be infected with malware.
What you can do about it
The best thing you can do to protect yourself against cyberattacks is to be aware of the tactics used by criminals. Now that you know one-word subject emails with only a link in the body are dangerous, don’t click on the link.
Here are more ways to avoid falling victim to phishing attacks and keep your devices malware-free.
- Be on the lookout for emails with a one-word subject line. It is the signature phishing scheme of Emotet now, and you must avoid clicking the link found in the body of the email.
- Don’t click on links and attachments that you receive in unsolicited emails.
- Spelling and grammar errors are big red flags.
- Use two-factor authentication (2FA) for better security. Tap or click here for details on 2FA.
- Keep your operating systems, apps and devices updated with the latest official software and patches.
- Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan with TotalAV for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!
Don’t fall for these malware-filled emails impersonating the IRS
Before you fill out a CAPTCHA form on a website, know a scammer could be behind it