Can Emotet Spread Without Using Outlook?

  • Thread starter: nomadreid

Discussion Overview

The discussion centers around the potential for the Emotet Trojan to spread without using Outlook, particularly in the context of a user receiving spam from their email address. Participants explore various scenarios regarding how the spam could have been sent and the implications of their email security.

Discussion Character

  • Exploratory
  • Technical explanation
  • Debate/contested

Main Points Raised

  • One participant describes how spammers typically use a victim's address book to send spam, but notes that Emotet may operate differently by reading emails from Outlook.
  • Another participant suggests that simply downloading attachments could allow the virus to infect a system, indicating that Outlook may not be necessary for infection.
  • A participant expresses uncertainty about whether their system or their friend's system is infected, given that neither uses Outlook.
  • Malwarebytes is referenced as a source of information regarding Emotet, with a suggestion to remove email accounts from Outlook or the Windows Mail app as a precaution.
  • Concerns are raised about the limitations of malware scans, with one participant noting that absence of evidence does not confirm the absence of infection.
  • There is a suggestion to obtain a screenshot of the spam email to clarify whether it is indeed Emotet or another issue, and the possibility of a compromised email account is mentioned.

Areas of Agreement / Disagreement

Participants express differing views on the necessity of Outlook for Emotet to spread, and there is no consensus on whether the spam originated from the user's computer or if another factor is involved. The discussion remains unresolved regarding the source of the spam and the potential infection status of the systems involved.

Contextual Notes

Participants note the limitations of their malware scans and the potential for evolving threats, indicating that the situation may be more complex than it appears.

nomadreid
TL;DR
If X gets an email purportedly but falsely from Y, and X doesn't use Outlook, then does it necessarily originate from Y's computer/address book?
The classic way that a spammer S sends out false emails using Person Y's address sent to X to try to get X to click on a malicious link or attachment is for S to invade Y's address book, but more recently I have read (articles in German, so not cited) that the "emotet" Trojan horse (as of April 2019) worked by "reading" emails from X's Outlook, and thus answering with an address that X had written to a bit earlier, so Y was never directly involved. With that in mind: a friend received a spam message from my email address and accuses me of being the culprit since I visit sites in Russian; when I pointed out that there was the alternative explanation of an "emotet" Trojan Horse, so that I may not be involved, she countered that she does not use Outlook. Is there any way that the spam would not have come directly from my computer? (As far as I can tell, my computer is not infected.)
 
I read a few articles online, and it seems that Outlook may not be involved in this case. Just downloading attachments gives the virus an opportunity to infest your system.
 
Thanks, Wrichik Basu. So, if I understand correctly, it would be my system, not my friend's, which would be infested.
 
Here is what Malwarebytes has to say about the Trojan:
https://www.malwarebytes.com/emotet/
Yes, you are right, it is possible that your mail id has been hacked by this trojan. It is better to remove your mail id from Outlook or the Mail app that is present by default in Windows 10, if you use either.
 
Thanks, Wrichik Basu. Curiously enough, neither I nor my correspondent uses Outlook. My correspondent does not have Windows 10. I do have Windows 10, but I do not use the Mail app.
I have not been able to find any infection in my computer, although that could depend on the limitations of the scans I use (which include Malwarebytes, albeit its free edition), and absence of evidence is not evidence of absence.
[Side note: your "The moment you stop learning just for the sake of acquiring knowledge, and start studying for the examination, you are no longer a human being." would classify most school children, if my experience as a teacher is any guide, as something other than human beings. Of course, like many teachers, I have often had this suspicion...]
 
nomadreid said:
I have not been able to find any infection in my computer, although that could depend on the limitations of the scans I use (which include Malwarebytes, albeit its free edition), and absence of evidence is not evidence of absence.
I have read somewhere that Windows Security (previously Windows Defender) can find and eliminate this Trojan, even though it is changing very rapidly.

Could you ask your friend for a screenshot of the mail that she has received? Maybe it is not Emotet, but something new? Maybe someone has your mail account password and is misusing it?
 
Thanks for the suggestion, Wrichik Basu. I shall indeed ask my friend for a screen shot, because her description was a bit vague. Windows Security as well as three other protections on my computer all tell me that there is no infection, so there is perhaps something else going on here. I change my password regularly, and no one else has reported receiving such spam. I will check back when I get more information.
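
The thread's open question, whether a mail showing Y's address really came through Y's account, is something the message's full headers can help answer. As an added example (not written by any participant in the thread), this Python sketch compares the displayed sender with the actual mailbox, the envelope sender and the receiving server's authentication verdicts; the sample headers, the domains and the function names `analyze` and `domain` are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not from the thread): the display name shows Y's address,
# but the actual mailbox and the envelope sender belong to unrelated domains.
SPOOFED = """\
Return-Path: <bounce@bulk.example.net>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=bulk.example.net;
 dkim=none; dmarc=fail header.from=mailer.example.net
From: "y@example.org" <info@mailer.example.net>
To: x@example.com
Subject: Re: our last mail

(body omitted)
"""

def domain(addr):
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def analyze(raw):
    """Compare the displayed sender with what the headers actually record."""
    msg = message_from_string(raw)
    display, from_addr = parseaddr(msg.get("From", ""))
    _, env_addr = parseaddr(msg.get("Return-Path", ""))
    # Only trust Authentication-Results added by your own receiving server.
    auth = " ".join(msg.get_all("Authentication-Results", []))
    results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth))
    findings = []
    shown = re.search(r"[\w.+-]+@[\w.-]+", display)
    if shown and shown.group(0).lower() != from_addr.lower():
        findings.append("display name shows a different address than the real sender")
    if env_addr and domain(env_addr) != domain(from_addr):
        findings.append("envelope sender domain differs from From domain")
    if results.get("dmarc") != "pass":
        findings.append("From domain is not DMARC-authenticated")
    return {"from": from_addr, "envelope": env_addr, "auth": results, "findings": findings}

if __name__ == "__main__":
    for finding in analyze(SPOOFED)["findings"]:
        print("-", finding)
```

A message with no findings has a From address corroborated by the receiving server, which points toward the sender's own account (or its password) rather than a forged header.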
 