Home » News » Dangers from malware such as Emotet, Phishing and CEO fraud
Symbolbild für Phishing-Angriffe: Ein Angelhaken über einer Computertaste mit der Aufschrift "Phishing" – Darstellung der Gefahr durch Cyberkriminalität.

EMOTET – Dangerous Malware Eliminated! What’s Next?

The Public Prosecutor General’s Office of Frankfurt am Main – Central Office for Combating Cybercrime (ZIT) – and the Federal Criminal Police Office (BKA), in collaboration with international law enforcement agencies, successfully took over and dismantled the infrastructure of the Emotet malware last Tuesday during a globally coordinated action.

Regarding the dismantling of Emotet, Arne Schönbohm, President of the BSI, stated:
“Together with police forces and prosecutors, an important blow was struck against international cybercrime on Tuesday. Almost three years ago, the BSI was the first to call Emotet the ‘King of Malware.’ Since then, we have continuously warned of the dangers posed by Emotet and its serious consequences for companies, authorities, institutions, and even private individuals. The list of victims is long: hospitals had to shut down medical operations, courts and city administrations were paralyzed, and countless businesses lost access to their essential data and digital processes. Tens of thousands of private users’ computers were also infected, leading to online banking fraud and stolen passwords…”

Why Is Emotet So Dangerous?
Emotet extracts contact information and email content from the inboxes of infected systems. Cybercriminals use this information to spread the malware further.

The process works as follows:

  • Recipients receive emails that appear legitimate, often from contacts they recently communicated with.
  • These emails include the correct sender and recipient names in the subject, greeting, and signature, making them appear authentic.
  • This tricks users into opening malicious attachments or clicking harmful links.

Once the computer is infected, Emotet downloads additional malware, such as the Trickbot banking trojan, which:
✔ Leaks sensitive data
✔ Gives criminals full control over systems
✔ Leads to major production shutdowns in businesses
✔ Results in data and credential theft for individuals

Watch Our Expert Webinar on Emotet and Email Security
Our IT security expert, Felix, has prepared a webinar explaining cybercriminal tactics, the dangers of phishing emails, and how to spot suspicious content before it’s too late.

What Is Phishing?

Phishing – a combination of “password” and “fishing” – may sound harmless, but it’s the gateway to various cybercrimes, ranging from:
✔ Simple data theft
✔ Unauthorized bank transactions
✔ Attacks on critical infrastructures

How does phishing work?

  • Cybercriminals impersonate banks, internet providers, or service companies via spoofed emails.
  • These emails urge users to update their credentials, citing reasons like:
    – A credit card expiration
    – A security issue requiring password updates
  • Criminals rely on mass distribution, hoping that some recipients are actual customers of the impersonated organization.
  • Phishing emails and fake login pages are carefully designed to look identical to real ones.

Key Signs of a Phishing Email:

⚠ Urgency & Pressure – Emails pushing immediate action
⚠ Requests for sensitive data – No legitimate company asks for this
⚠ Misspellings & Suspicious Links – Check URLs before clicking

CEO Fraud: Only Big Companies at Risk?

CEO Fraud is a scam where attackers impersonate executives and trick employees into transferring funds.
⚠ The fraud is often conducted via email, but deepfake technology (AI-generated fake videos or voices) is also being used.
⚠ Attackers exploit employees’ trust in their superiors.
⚠ SMEs are increasingly targeted because decision-makers often have direct access to funds.

Are We All Doomed?

🛑 No, we are not! According to Felix, our IT expert, following basic cybersecurity principles can prevent major incidents:

✔ Never enable macros – Attachments should be opened safely on a phone or Google Drive.
✔ Do not click links in emails – Always visit the website directly via a browser.
✔ Verify senders – Use video calls (e.g., FaceTime) to confirm sensitive requests.
✔ Regular cloud backups – Use OneDrive or cloud storage to prevent data loss.
✔ Keep software updated – Security patches close vulnerabilities.
✔ Watch out for Friday afternoon scams – Urgent money transfer requests should always be verified multiple times.

Stay alert, stay safe, and secure your business against cyber threats! 🚀


Zurück zur
Übersicht