Australia markets closed

Government raises alert level on email virus ‘Emotet’

(Source: Getty, MailGuard, Stay Smart Online)

Phishing scams and security attacks via email are nothing new – but there’s something different about this one.

The government is warning Australian businesses and individuals about a “widespread malware campaign” called Emotet, and it looks like it should be taken pretty seriously.

Emotet is a Trojan virus delivered via emails sent with malicious attachments,” according to a statement by the Australian Cyber Security Centre (ACSC).

‘Emotet’: Deceptive but sophisticated self-spreading email virus

Recipients will receive a simple-looking email with a file attachment, such as .doc, .docx or .pdf.

But if you click on these links or open the files, the Emotet malware will infect your device, the ASCS’s Stay Smart Online warned.

Cybercriminals use malware for different reasons, most commonly to steal personal or valuable information from which they can profit, hold recipients to ransom or install damaging programs onto devices without your knowledge,” Stay Smart Online said.

And according to email security software MailGuard, the scam is both “ongoing” and “highly sophisticated in nature”.

“It is being distributed via emails originating from a large number of compromised email addresses. Each message purports to be from a different individual or business,” MailGuard said.

Unsuspecting recipients are often directed to open the innocuous-looking document attached.

“This could be in the form of a statement, agreement, invoice, or anything that could require the victim to open the attached Word document.”

The Australian government is so alarmed about this that it has raised the National Cyber Cyber Security Arrangements (NCSA) to Level 3, ‘Alert’.

The arrangements start from Level 5 (‘Normal Conditions’) and rise steadily up to Level 1, which would constitute a National Cyber Crisis.

What does the Emotet email look like?

Here are a few examples from MailGuard and Stay Smart Online:

(Source: MailGuard)
(Source: Stay Smart Online)

The following version asks you to ‘Enable Content’ in Microsoft word, but beware: the malware hidden in this attachment can not only download itself onto your computer, at which point hackers can take over the victim’s computer, but the malware can forward itself to the user’s contacts to further spread the virus.

Don't be fooled by the Microsoft Office logo or the links telling you to 'Enable editing' or 'Enable content'. (Source: MailGuard)

How do I protect myself from Emotet?

The ASCS recommends Australians take the following steps:

  • Disable Microsoft Office macros: “Macros are small programs used to automate simple tasks in Microsoft Office documents but can be used maliciously,” Stay Smart Online said.

  • Maintain firewalls;

  • Make sure you have an offline backup of your information; and

  • If you operate a business, let your staff know about the virus and what to look out for, and think about developing an incident response plan.

If you’ve been asked to pay ransom, the ASCS’s advice is straightforward: do not pay it.

There is no guarantee that paying the ransom will fix your computer, and it could make you vulnerable to further attacks. Restore your files from backup and seek technical advice,” it said.

“The ACSC is working closely with state and territory governments to limit the spread of this computer virus and to provide technical advice and assistance and to support organisations that are affected,” said ACSC head Rachel Noble.

“If Emotet infects your computer, it will open up a backdoor that will allow the cybercriminal to inject ransomware that could freeze your network.”

For more assistance from the ACSC, you can email them at

Make your money work with Yahoo Finance’s daily newsletter. Sign up here and stay on top of the latest money, property and tech news.