How to protect yourself against Emotet and other ransomware

Emotet keeps making headlines. It is currently the most dangerous malware and can paralyze entire IT infrastructures or lead to GDPR-relevant data leaks. More precisely, Emotet consists of several malware programs, which can also use phishing tactics: they send emails whose content is known to the recipient and therefore appears trustworthy. Companies above all must take Emotet seriously and give protection against it appropriate attention, because there are effective protective measures against Emotet!

What is Emotet?

As mentioned at the beginning, Emotet is diverse and not just a single malicious program. In particular, once it has infected a system, Emotet downloads other malware such as Trickbot (a Trojan aimed at online banking). It is precisely these additional malware programs, which are used in a variety of ways, that can cause considerable damage. The results are paralyzed IT infrastructures, production downtime, or reportable data leaks.

How does Emotet spread?

Emotet has recently started using phishing techniques to spread, which has made the malware even more dangerous. Once Emotet has infected a system, it can access the content of emails and other information such as senders and contact lists. Emotet then independently sends phishing emails in order to spread to other systems. The dangerous thing about these phishing emails is that real email content and real senders are misused to make them look deceptively genuine and to get the recipient to open the infected attachment.

For example, a real subject and a known sender can quickly turn a phishing email into a serious risk. Familiar details make it easy to become inattentive and commit a fatal mistake such as opening an infected file attachment or link.

Speaking of infected file attachments and links: when you talk about the spread of Emotet, you have to mention that phishing emails are ultimately just the medium. Emotet itself can, for example, hide in file attachments (especially Office documents with macros). If you open the attachment, you infect your system with Emotet. But Emotet can also get onto a system as a download from a website, so infected websites reached through links in phishing emails are a major threat as well.

Where can you start if you want to protect yourself against Emotet?

Basically, you have to start with the points that were addressed in the previous section. First and foremost, it is important to prevent phishing emails from reaching the employees' mailboxes in the first place (e.g. by using a spam filter or quarantining suspicious emails). If a phishing email does make it through the spam filter, it must be recognized by your employees (and then reported and deleted). There are also special security awareness training courses in which your employees are trained precisely for such situations.

The next stage is that a phishing email has unfortunately served its purpose: it was not recognized, or it was not responded to properly. There are ways to still react at this point and prevent an infection with Emotet. For example, websites can be blocked so that clicking on an infected link does no harm. There is also the option of removing risky file attachments from emails from the start and informing the user about the removal. It is important that these are all measures that should be implemented centrally by your IT department. Talk to your administrators about how well prepared you are in these areas.
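The attachment-removal measure described above can be sketched as a gateway-side filter. This is an added example, not code from the original article: the function names, the notice text and the policy of treating every legacy OLE document as risky are assumptions, and the sample message is constructed.

```python
import io
import zipfile
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls/.ppt container
MACRO_EXTS = (".docm", ".dotm", ".xlsm", ".xlam", ".pptm")

def risk_reason(filename, data):
    """Return why an attachment can carry Office macros, or None if it cannot."""
    if (filename or "").lower().endswith(MACRO_EXTS):
        return "macro-enabled Office extension"
    if data.startswith(OLE_MAGIC):  # assumed policy: block all legacy formats
        return "legacy Office (OLE) document"
    if data.startswith(b"PK"):  # OOXML is a ZIP; macros live in vbaProject.bin
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as z:
                if any(n.lower().endswith("vbaproject.bin") for n in z.namelist()):
                    return "embedded VBA project"
        except zipfile.BadZipFile:
            return "unreadable ZIP container"
    return None

def strip_risky(raw):
    """Replace risky attachments with a notice; return (bytes, [(name, reason)])."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    removed = []
    for part in list(msg.iter_attachments()):
        name = part.get_filename()
        reason = risk_reason(name, part.get_payload(decode=True) or b"")
        if reason:
            removed.append((name, reason))
            # set_content drops the old payload and its Content-* headers
            part.set_content(f"Attachment '{name}' removed by mail gateway: {reason}.")
    return msg.as_bytes(), removed

def build_sample():
    """Constructed test message: two risky attachments and one benign one."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/vbaProject.bin", b"constructed placeholder, not a macro")
    msg = EmailMessage()
    msg["Subject"] = "Re: invoice"
    msg.set_content("See attachment.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="report.docx")
    msg.add_attachment(OLE_MAGIC + b"\0" * 16, maintype="application",
                       subtype="msword", filename="invoice.doc")
    msg.add_attachment("plain notes", filename="notes.txt")
    return msg.as_bytes()
```

The check looks at content as well as the file name, so a macro-carrying document renamed to `.docx` is still caught, and the recipient sees a notice in place of each removed file.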


Emotet is and will remain one of the greatest threats to companies. The good news: you can protect yourself effectively against Emotet and minimize the risk of infection. The section above roughly described the points at which you can start to protect yourself against Emotet. Of course, we have worked this out in more detail and more concretely.
