In a nutshell: Cybersecurity researchers at Proofpoint have discovered an active email campaign designed to spread Emotet, a banking trojan that targets Windows PCs to steal financial information. The malicious campaign is using the name of Greta Thunberg and a fake invitation from her to join a climate change protest this Christmas Eve.
Swedish climate activist Greta Thunberg was recently named Time Magazine’s Person of the Year for 2019 for her efforts in raising global environmental awareness. Combine her mission and popularity with the spirit of the Christmas holidays, and hackers have the potential ingredients needed to craft a malicious email campaign for targeting unsuspecting users with malware.
According to Proofpoint security researchers, the global campaign is mainly aimed at students with .edu email addresses across the US, Europe, and Asian territories, where several versions of the malicious email were identified in multiple languages.
“We saw more .edu domains attacked than domains associated with any specific country—this makes sense given the strong support Thunberg has among students and young people,” noted Proofpoint.
The campaign has been designed to infect computers with Emotet malware, at a time when many students are at home using family computers, making them a potential target for the trojan, which comes disguised as an MS Word file attachment titled “Support Greta Thunberg.doc.” with an email subject along the same lines.
“This campaign serves as a reminder that attackers won’t hesitate to target people’s best intentions during this holiday season,” says Proofpoint, adding that lures used by attackers in such campaigns are “a reliable barometer of public interest and awareness.”