Don't open that Christmas party email - it could be swarming with malware


Hackers are looking to kill off the Christmas spirit by hiding malware within fake office party emails.

Research from security firm Cofense has uncovered evidence that cybercriminals behind the dangerous Emotet botnet are using holiday-themed phishing emails to trick victims.

The tactic first appeared around Halloween at the end of October, and the company is now warning that it is being used to lure in workers excited for the holidays with fake emails concerning office Christmas parties.

Tricked

Cofense discovered emails with titles such as "Christmas party next week" that appeared innocent, but came with a macro-enabled Microsoft Word attachment disguised as menu options for a festive meal. The messages were often built around templates that came from scraped inboxes to leverage real email conversations, making them appear legitimate, even featuring translations for different markets.

The attachment asks the user to “enable editing” to view it; clicking on it will execute the embedded macros and install the Emotet malware, which could provide various groups with the means to attempt ransomware downloads and send more spam and phishing emails.


Cofense says the low-key design is often a major giveaway of fake emails, especially the use of the outdated .doc Microsoft Word format, as well as a bare-bones layout which should have helped it stand out.

However, such emails still pose a very valid threat to businesses of all sizes, and should be used to help train and improve phishing detection programs across all industries.
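A defender-side triage check for the attachment type described above, added here as an illustration and not taken from Cofense or the article: it flags attachments in the legacy OLE2 container behind .doc and looks for the `_VBA_PROJECT` stream name that marks embedded macros. The sample message, addresses and filenames are constructed, and the byte search is a heuristic assumption rather than a full OLE parser.

```python
import email
from email import policy
from email.message import EmailMessage

# Signature of the OLE2 compound file used by legacy .doc/.xls/.ppt.
OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")
# OLE directory entries store stream names as UTF-16LE; this one holds VBA code.
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")


def triage(raw: bytes) -> list[dict]:
    """Return one finding per attachment in a raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        legacy = data.startswith(OLE2_MAGIC)
        findings.append({
            "filename": part.get_filename(),
            "legacy_ole": legacy,                      # outdated binary Office format
            "has_vba": legacy and VBA_STREAM in data,  # macro project present
        })
    return findings


def build_sample() -> bytes:
    """Constructed test message; the 'document' is inert filler, not a real file."""
    msg = EmailMessage()
    msg["Subject"] = "Christmas party next week"
    msg["From"] = "sender@example.test"
    msg["To"] = "user@example.test"
    msg.set_content("Menu options attached.")
    fake_doc = OLE2_MAGIC + b"\x00" * 504 + VBA_STREAM + b"\x00" * 64
    msg.add_attachment(fake_doc, maintype="application",
                       subtype="msword", filename="menu.doc")
    msg.add_attachment(b"plain text notes", maintype="text",
                       subtype="plain", filename="notes.txt")
    return msg.as_bytes()


if __name__ == "__main__":
    for finding in triage(build_sample()):
        print(finding)
```

Modern macro-enabled formats such as .docm are ZIP-based and are not covered by this check.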

"If your phishing defense program is aligned with active threats hitting organizations, then this is exactly the template you should be using to train your users to identify a real phish," Tonia Dudley from Cofense Security Solutions wrote in a blog post outlining the news.

Recent figures from Malwarebytes saw detections of Emotet soar 37 percent as cybercriminals look to target a wide range of businesses.

Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.
