Back
Cyber Security Training & Software for Companies | MetaCompliance

Products

Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

Cyber Security eLearning

Cyber Security eLearning to Explore our Award-Winning eLearning Library, Tailored for Every Department

Security Awareness Automation

Schedule Your Annual Awareness Campaign In A Few Clicks

Phishing Simulation

Stop Phishing Attacks In Their Tracks With Award-Winning Phishing Software

Policy Management

Centralise Your Policies In One Place And Effortlessly Manage Policy Lifecycles

Privacy Management

Control, Monitor, and Manage Compliance with Ease

Incident Management

Take Control Of Internal Incidents And Remediate What Matters

Back
Industry

Industries

Explore the versatility of our solutions across diverse industries. From the dynamic tech sector to healthcare, delve into how our solutions are making waves across multiple sectors. 


Financial Services

Creating A First Line Of Defence For Financial Service Organisations

Governments

A Go-To Security Awareness Solution For Governments

Enterprises

A Security Awareness Training Solution For Large Enterprises

Remote Workers

Embed A Culture Of Security Awareness - Even At Home

Education Sector

Engaging Security Awareness Training For The Education Sector

Healthcare Workers

See Our Tailored Security Awareness For Healthcare Workers

Tech Industry

Transforming Security Awareness Training In The Tech Industry

NIS2 Compliance

Support Your Nis2 Compliance Requirements With Cyber Security Awareness Initiatives

Back
Resources

Resources

From posters and policies to ultimate guides and case studies, our free awareness assets can be used to help improve cyber security awareness within your organisation.

Cyber Security Awareness For Dummies

An Indispensable Resource For Creating A Culture Of Cyber Awareness

Dummies Guide To Cyber Security Elearning

The Ultimate Guide To Implementing Effective Cyber Security Elearning

Ultimate Guide To Phishing

Educate Employees About How To Detect And Prevent Phishing Attacks

Free Awareness Posters

Download These Complimentary Posters To Enhance Employee Vigilance

Anti Phishing Policy

Create A Security-Conscious Culture And Promote Awareness Of Cyber Security Threats

Case Studies

Hear How We’re Helping Our Customers Drive Positive Behaviour In Their Organisations

A-Z Cyber Security Terminology

A Glossary Of Must-Know Cyber Security Terms

Cyber Security Behavioural Maturity Model

Audit Your Awareness Training And Benchmark Your Organisation Against Best Practice

Free Stuff

Download Our Free Awareness Assets To Improve Cyber Security Awareness In Your Organisation

Back
MetaCompliance | Cyber Security Training & Software for Employees

About

With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

Why Choose Us

Learn Why Metacompliance Is The Trusted Partner For Security Awareness Training

Leadership Team

Meet the MetaCompliance Leadership Team

Careers

Join Us and Make Cybersecurity Personal

Employee Engagement Specialists

We Make It Easier To Engage Employees And Create a Culture of Cyber Awareness

MetaBlog

Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Emotet Malware – A Guide to the Banking Trojan

title 2 1

about the author

Share this post

Emotet is a highly sophisticated and destructive malware that is causing huge problems for organisations around the world.

Emotet Malware first emerged in 2014 as a banking Trojan designed to steal banking credentials and other sensitive data. However, within the last 5 years, the malware has rapidly evolved into one of the world’s most dangerous cyber threats.

According to a US Homeland Security alert published in 2018, “Emotet continues to be among the most costly and destructive malware affecting state, local, tribal, and territorial (SLTT) governments, and the private and public sectors. It’s difficult to combat and Emotet infections have cost SLTT governments up to $1 million per incident to remediate.”

Why is Emotet Malware so dangerous?

Emotet malware

Emotet malware uses its worm-like capabilities to rapidly spread to other connected computers on a network. This means that the infection can spread like wildfire across an organisation without any user interaction.

It has also gained new functionality to make it even more menacing. Emotet can add an infected machine to a botnet to perform DDoS attacks or it can be blended with other forms of ransomware for maximum destruction.

The malware is extremely versatile and is being adopted by many cyber groups due its polymorphic behaviour. It can effectively change itself every time it’s downloaded to evade signature-based Anti-Virus detection.

There has been a massive spike in Emotet attacks across the world, and in February 2018, the city of Allentown, Pennsylvania was brought to its knees when it was attacked with the self-replicating malware.

Some of the city’s financial and public systems had to be shut down and the attack is reputed to have cost the city around $1 million in damages.

How does Emotet Malware infect machines and spread?

how emotet infects machines

The majority of Emotet infections start with a simple Phishing email. The email may appear to come from a legitimate source with the official branding and logos of a well-known company. As with all phishing emails, the ultimate aim is to pressurise the recipient into clicking a malicious link or to download an attachment.

As soon as the recipient clicks on the link or opens a file, they will unwittingly be enabling macros that initiate the infection process. As soon as the device is infected, Emotet will start trying to spread to other devices on the network.

Emotet malware will scan through contacts lists and start bombarding everyone on the list with malicious emails. As the email appears to come from a trusted source, users will be more inclined to click on the accompanying links or open an attachment.

If a connected network is present, Emotet will attempt to spread using brute force attack. It will try different combinations of usernames and passwords to see if it can access the network this way.

Another way Emotet propagates is through exploiting Eternal Blue/Double Pulsar Vulnerabilities. These are the same vulnerabilities that were exploited in the infamous WannaCry and NotPetya attacks that caused huge global disruption.

What can you do to prevent Emotet infection?

how to prevent emotet malware
  • Keep your software up to date with the latest security patches from Microsoft – Emotet malware will often take advantage of the Windows Eternal Blue Vulnerability. Regular patching will fix security vulnerabilities, remove outdated features and update drivers.
  • Follow good security practices to minimise the risk of infection – Avoid clicking on links or downloading attachments from unknown sources. Red flags can include: a generic greeting, poor grammar, threatening language, a mismatched URL, spelling mistakes, claims of prizes or a request for sensitive information such as a username or password.
  • Cyber Security awareness training – Emotet infections rely heavily on a user opening a phishing email. To ensure that employees can effectively recognise these threats, it’s vital they receive regular cyber security awareness training. The training will help staff defend your organisation and reduce the likelihood of networks becoming infected with Emotet.
  • Use Anti-virus software – Emotet malware has been highly successful in avoiding detection from many forms of anti-virus software solutions. However, it’s still to vital invest in a trust worthy anti-virus solution that uses behaviour blocking technology in addition to signature-based protection.
  • Create a strong and complex password – A strong password should be between 8-15 characters long, a mix of uppercase and lowercase letters and include numbers or symbols. A passphrase can also be used to memorise longer and more complex passwords. To make the passphrase secure: Use an easy to remember but random phrase, add spaces, substitute letters with numbers and add extra characters to make it even more secure.
  • Use Two Factor-Authentication (2FA) – Two-Factor-Authentication adds an additional layer of security to the authentication process by making it harder for a hacker to gain access to a person’s device. In addition to a password, two-factor authentication requires a second piece of information to confirm the user’s identity.
  • External email banner – Use an email banner to notify employees that an email has come from an external source.
  • Block questionable files and attachments – Consider blocking attachments that are commonly associated with malware, such as .dll and .exe, and attachments that cannot be scanned by antivirus software, such as .zip files.

How to remove Emotet Malware from an infected device

How to remove emotet from an infected device

As we’ve seen above, Emotet malware can rapidly spread to other computers connected to the network unless it’s contained and eradicated as quickly as possible. If you believe your device or network has been compromised by Emotet, you should immediately take the following steps:

  • Run an anti-virus scan on the system and take action to isolate any infected computers based on the results.
  • Identify, shutdown, and take any infected computers off the network.
  • Consider temporarily taking the network offline to stop the spread of malware.
  • Identify the infection source.
  • Clean each computer one by one to prevent being re-infected.
  • Change and update passwords for domain and local credentials.

Phishing is the number one cause of all cyber-attacks and continues to prove one of the easiest ways to steal valuable data and deliver ransomware. MetaPhish has been created to provide a powerful defence against these threats and enables organisations to find out just how susceptible their company is to phishing. Get in touch for further information on how MetaPhish can be used to protect your business.

YouTube video

Other Articles on Cyber Security Awareness Training You Might Find Interesting