Emotet Trojan without Outlook?

  • Thread starter nomadreid
  • #1

nomadreid

TL;DR Summary
If X gets an email purportedly but falsely from Y, and X doesn't use Outlook, then does it necessarily originate from Y's computer/address book?
The classic way that a spammer S sends out false emails using Person Y's address sent to X to try to get X to click on a malicious link or attachment is for S to invade Y's address book, but more recently I have read (articles in German, so not cited) that the "emotet" Trojan horse (as of April 2019) worked by "reading" emails from X's Outlook, and thus answering with an address that X had written to a bit earlier, so Y was never directly involved. With that in mind: a friend received a spam message from my email address and accuses me of being the culprit since I visit sites in Russian; when I pointed out that there was the alternative explanation of an "emotet" Trojan Horse, so that I may not be involved, she countered that she does not use Outlook. Is there any way that the spam would not have come directly from my computer? (As far as I can tell, my computer is not infected.)
 

Answers and Replies

  • #2
I read a few articles online, and it seems that Outlook may not be involved in this case. Just downloading attachments gives the virus an opportunity to infest your system.
 
  • #3
Thanks, Wrichik Basu. So, if I understand correctly, it would be my system, not my friend's, which would be infested.
 
  • #4
Here is what Malwarebytes has to say about the Trojan:
https://www.malwarebytes.com/emotet/

Yes, you are right, it is possible that your mail id has been hacked by this trojan. It is better to remove your mail id from Outlook or the Mail app that is present by default in Windows 10, if you use either.
 
  • #5
Thanks, Wrichik Basu. Curiously enough, neither I nor my correspondent use Outlook. My correspondent does not have Windows 10. I do have Windows 10, but I do not use the Mail app.
I have not been able to find any infection in my computer, although that could depend on the limitations of the scans I use (which includes Malwarebytes, albeit its free edition), and absence of evidence is not evidence of absence.
[Side note: your "The moment you stop learning just for the sake of acquiring knowledge, and start studying for the examination, you are no longer a human being." would classify most school children, if my experience as a teacher is any guide, as something other than human beings. Of course, as many teachers, I have often had this suspicion...]
 
  • #6
> I have not been able to find any infection in my computer, although that could depend on the limitations of the scans I use (which includes Malwarebytes, albeit its free edition), and absence of evidence is not evidence of absence.

I have read somewhere that Windows Security (previously Windows Defender) can find and eliminate this Trojan, even though it is changing very rapidly.

Could you ask your friend for a screenshot of the mail that she has received? Maybe it is not Emotet, but something new? Maybe someone has your mail account password and is misusing it?
 
  • #7
Thanks for the suggestion, Wrichik Basu. I shall indeed ask my friend for a screenshot, because her description was a bit vague. Windows Security as well as three other protections on my computer all tell me that there is no infection, so there is perhaps something else going on here. I change my password regularly, and no one else has reported receiving such spam. I will check back when I get more information.
 