Since a few weeks an old malware family, Emotet, is back infecting thousands of systems all over the world. Emotet is best known as a banking trojan, trying to steal banking credentials. But it has grown into something much more dangerous.
The criminals behind Emotet make a new version a few times a day. This prevents anti-virus software detecting this malware, which in turn results in numerous new infections every day. Emotet uses macros in Office 365 (Word, Excel etc) documents to infect computers. As a counter measure Microsoft Word and Excel disable editing for documents from unsafe sources as standard. These are documents that are downloaded from a website or received through email.
Word and Excel do offer a button to enable editting and running macros. The criminals try to lure the victim into clicking the buttons.
Do not click the button.
Giving the document a sense of urgency is one of the tricks criminals use to prevent people from thinking before acting. Any text about Enable Editing or Enable Content is a sure indication this is malware.
More tips about keeping your computer safe, can be found in our 10-step plan.
If you want to know more about Emotet, you can find information in the Proofpoint blog.