Current cyber attack

Important notice : a malware campaign is underway and requires your utmost vigilance.

This campaign called “Emotet” compromises the mailboxes of your correspondents and uses your previous exchanges to deceive you. The hacker sends you an email that looks like a reply from one of your correspondents (the subject is the same and contains RE :). This response usually contains an attachment (a Word document) or a link to download a document. Once the file is opened, Word prompts you to enable macros, which triggers the malicious code and allows the hacker to retrieve sensitive data on your computer. The code can also spread to other PC on your network.

Mailinblack teams do everything possible to ensure that these emails do not arrive in your mailbox.

How to react ?

Be careful when opening an email. If the content seems strange (misspell, unexpected or inconsistent exchange from the sender), do not open the attachments and do not access the links included in the email, ask your IT administrator for advice. Do not rely on the email address, nor on the firstnames and lastnames displayed in your email client, which can easily be spoofed. When opening a Word document, do not click on “Activate content” in the displayed banner. If you have any doubts, contact your correspondent by another means (phone, instant messaging, etc.) to confirm that the email is indeed legitimate and came from him.

ANSSI’s recommandations

If you want more information about this malware campaign, the French National Cybersecurity Agency (ANSSI) has published a detailed alert bulletin describing more precisely how Emotet works, the few solutions to try to detect it, as well as some recommendations to users and IT administrators on how to protect themselves from it.

Mailinblack teams applied the measures suggested by ANSSI and continue to identify/bloc new Emotet variants.

Nos experts vous accompagnent
gratuitement dans votre projet de cybersécurité

saisissez votre numéro de téléphone