The Proofpoint cybersecurity company, based in California, warned on Thursday of a “malicious email campaign” spreading Emotet, a type of Trojan Horse designed to steal banking data from computers.
The company said that the emails are characterized as an invitation to an environmental protest on Christmas eve organized by eco-activist Greta Thunberg. The email is said to include a word file attachment with the name “Support Greta Thunberg.doc” that contains the Emotet malware.
“This campaign serves as a reminder that attackers won’t hesitate to target people’s best intentions during this holiday season. It also serves as a mark of how significant environmental awareness has become, and how well-known Greta Thunberg is globally. Attackers choose their lures carefully: in many ways their lures are a reliable barometer of public interest and awareness,” the cybersecurity company stated.
Proofpoint said that the emails have surfaced around the world, including in the United States, Japan, Germany, Italy, United Arab Emirates, Australia, the United Kingdom, Switzerland, Canada and others.
“These attacks are not only global in their targeting but also in their use of native-language lures. Our researchers have seen malicious emails with subject lines in Spanish, Italian, French and Polish,” company researchers said.
The Proofpoint warning also noted that the malware email campaign is significantly targeting domains ending with “.edu” over domains associated with any specific country. Those behind the attack are said to understand the “strong support Thunberg has among students and young people”.