Beware of this virus that comes in a Word attachment and knows your name

Beware of the odds Word attachments that can reach your email with your name, it could be a virus. It's so convenient to pay so much attention to the kind of attached documents that come via e-mail, a well-known virus called Emotet made the news again in the last few weeks.

Anyone who does not know the way can be deceived, and This is a virus that you have to be very careful with.. The truth is it can be very real because it comes via email from an address you may know, and they even call you by name.

This is not a new technique to try to bypass the controls exercised by antivirus software, Emotet did the same in the past. And again, has the goal of tricking its victims into executing highly malicious macros in a Word document to try to penetrate the PC.

How to get Emotet on your PC

Emotet, which is called a virus, has a very clear purpose once it manages to gain access to a PC and infect it. Its goal is to try to steal data from its victims and even passwords services that users access, but are also capable of downloading malicious software.

Your way of signing in is via a Word document, as we discussed earlier. The attached Word document appears to come from a trustworthy contact, and may even be addressed by your name, so it doesn't seem suspicious to anyone at first glance.

But the truth is The word in question has a series of macros in italthough when the victim opens the document he doesn't see any type of text, but it is there and what happens is it uses a white font so it can't be seen, which avoids suspicion.

The attachment is very lightweight, only 616 KB, but if the user is tricked into running a hidden macro, it can exceed 500 MB in size. To try to make it happen, encourages users to click on the "enable content" option..

This is Word's security measure for all documents downloaded from the Internet, to prevent these things precisely. In this case none the less, when you open the document that came with the mail, you are notified that it is inaccessible until you click on the previous option.

What is Emotet capable of?

If the user clicks on the "enable content" option, they will grant Word permission to unlock the document and what happens now is that will run the macro unnoticed by the victimthe consequences of which are also practically invisible.

From there, the macro will have the ability to download certain compressed files from the Internet, and it will execute the DLL key that infects the computer. Now it's time for Emote to start "working" on its goals, stealing important information and even passwords.

Also capable of downloading more viruses onto the PC to continue to infect the PC. What is clear is that you have to be very careful with this type of threat, even if you receive a seemingly trustworthy word from a known contact, you should always be on your guard because it could be a virus.

In general, documents that come to you via e-mail do not carry macros and, therefore, there's no need to run it, so that's when you start to suspect, if you open Word and it asks you to activate content, it might run a macro with disastrous consequences.

At the moment, The emotet virus is back in Word form as an attachment in emails and know your name is popular again in countries across Europe, Latin America, and the Pacific, so be careful about any attachments you receive.

Through: arstechnica