By Alan Rainer
The fourth quarter of 2019 showed a strong start but a dull finish, as the world eased into the holiday season. Although the end of Q3 2019 saw a resurgence in Emotet, Q4 witnessed a higher degree of phishing from the Trojan and its botnet. Read all about it, alongside other malware trends and campaigns, in the Cofense Intelligence Q4 2019 Malware Trends Report.
Continuing from Q3, Emotet picked up momentum in distributing malicious emails. From email reply chain compromises to crafty phishing templates with macro-laden documents, user inboxes found no solace. Emotet delivered financial invoices, “invites” to a Christmas party, and other phish baits to trick recipients into infecting their systems. Other malware families were not as prolific, decreasing in volume as the quarter went on.
The new year, however, is likely to hold greater wickedness. On the malware front, Windows 7’s End of Life will probably lead to the creation of new malware and look for targeted ransomware to continue growing. 2020’s election season may bring about more phishing, while geopolitical events can result in more cyber threats. And to round it off, Emotet will keep on churning.
Figure 1: Varenyky Spambot Phishing Email Sample
Our Q4 report outlines key trends, statistics, breakdowns of specific campaigns, and insights on what to expect in Q1 2020 and beyond, all of which you can use to defend your organization. Cofense Intelligence provides phishing campaign updates throughout the year, which includes comprehensive threat reports and bi-weekly trend digests.
View the Q4 2019 Malware Trends Report at: https://go.cofensestaging.wpengine.com/malware-trends-2019-q4/
All third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks. Any observations contained in this blog regarding circumvention of end point protections are based on observations at a point in time based on a specific set of system configurations. Subsequent updates or different configurations may be effective at stopping these or similar threats.