Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

New Service Checks If Your Email Was Used In Emotet Attacks

https://open.spotify.com/show/3Gmj15x6cGrgJEzmGnDTTj

New Service Checks If Your Email Was Used In Emotet Attacks

A new service has been launched that allows you to check if an email domain or address was in an Emotet spam campaign.

Emotet is a malware infection that spreads through spam emails containing malicious Word or Excel documents. When opened and macros are enabled, it will install the Emotet trojan on a victim’s computer.

When infected, Emotet will steal a victim’s email and transmit it back to servers under the attacker’s control. These emails will then be used as part of future spamming campaigns to make the malicious spam look legitimate.

Over time, the Emotet trojan will download and install other malware such as TrickBot and QakBot on an infected user’s computer. These trojans are known to lead to ransomware attacks by the operators of RyukConti, and ProLock.

Also Read: How To Send Mass Email Without Showing Addresses: 2 Great Workarounds

New service checks if Emotet uses your email

Today, Italian cybersecurity company TG Soft launched a new service launched called Have I Been Emotet that allows you to check if a domain or email address was used as a sender or recipient in Emotet spam campaigns.

TG Soft has told BleepingComputer that their database consists of monitored outgoing emails generated by Emotet between August and September 23rd, 2020.

During this period, they have collected over 2.1 million email addresses from around 700,000 outgoing emails.

To use the service, you can enter a domain or email address, and it will let you know how many times it was used.

To use the service, you can just enter a domain or email address, and it will let you know how many times the email address or domain was used as the sender of an email or the recipient.

When returning the search result, Have I Been Emotet will provide the following information:

  • REAL SENDER: Indicates that the computer using this email account has been compromised and used to send spam emails.
  • FAKE SENDER: Indicates that your mail was stolen and used in spam campaigns.
  • RECIPIENT: Indicates that you were the recipient of an Emotet spam email.

For example, in the image below, you can see that users in the microsoft.com domain were targeted 42 times in recent Emotet spam campaigns.

Emotet emails targeting microsoft.com
Emotet emails targeting microsoft.com

Useful as a cybersecurity intelligence platform

If a company has been affected by a cyberattack, you can check if they have been targeted in Emotet spam campaigns, leading to a ransomware attack.

For example, Ryuk ransomware recently attacked the healthcare giant Universal Health Services (UHS).

Using this service, we can see that the UHS’ domain, uhsinc.com, was used in recent Emotet campaigns and that the company received Emotet spam nine times.

Emotet emails targeting uhsinc.com
Emotet emails targeting uhsinc.com

If you use this service and find that your email address or domain has been used as a recipient, it does not necessarily mean that you have been infected.

To become infected, a user would have had to open the email attachments and enabled macros before the malware would have been installed.

On the other hand, if your domain has users listed as a ‘REAL’ sender, then it is likely that one of your email domain’s users had been infected, and a thorough investigation of your computers should be done.

Also Read: 10 Government Data Leaks In Singapore: Prevent Cybersecurity

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us