Foreword
Internet users rely on the web every day for browsing, email, banking, social media, and file and video downloads. This research paper aims to help internet users worldwide avoid falling victim to Emotet malware, a banking credentials stealer.
Emotet is a very advanced modular trojan that primarily targets financial systems and internet users to steal financial and personal information. It spreads by sending phishing emails to its targets and by self-propagating. Emotet also drops and downloads other banking trojans such as Trickbot, Ursnif, and IcedID to exploit systems further, and encrypts large amounts of victims' sensitive data with Ryuk ransomware payloads for the benefit of the attackers.
The United States Computer Emergency Readiness Team (US-CERT) has already issued an alert concerning malicious Emotet campaigns. US-CERT also concluded that Emotet is the most destructive and costly malware affecting federal, state, local, and tribal governments, private businesses, non-profit organizations, and individuals.
Research conducted by the top cybersecurity company CrowdStrike revealed that Emotet infections cost $1 million per incident to remediate. In general, Emotet spreads through email when a user opens phishing attachments or clicks on phishing links, such as malicious URLs, fake PDFs, and macro-enabled Microsoft Word documents.
Therefore, this paper aims to provide a complete understanding of what Emotet malware is, how dangerous its operation is, and what countermeasures exist, and to present robust Security Situational Awareness (SSA) about Emotet to all internet users.
This paper uses a survey questionnaire as a qualitative research instrument to collect data and learn how familiar internet users are with Emotet malware. The survey results are shocking: they show how much internet users lack situational awareness about Emotet.
In conclusion, the paper provides precautions, mitigation actions, and recommendations to protect users' computers from Emotet infections through Security Situational Awareness (SSA).