"Emotet" Has Resumed Its Activities
Do you, dear readers, know what “Emotet” is?
This is the malware (computer virus) that has been shaking the world to its core over the past few years.
It had been causing damage to many organizations and companies in various countries around the world. While Japanese companies were among them, the group was brought under control by law enforcement agencies in various countries around January of last year. It appears that this success was made possible in part by information provided by Japanese white-hat hackers.
However, starting around November of last year,Resumption of Emotet Activity...has begun to be observed.
It appears that some of these attempts involve sophisticated schemes that use actual email addresses belonging to people working at construction companies or construction consulting firms to spread viruses.
A Sophisticated Scam Using Real Email Addresses
For example, there has been an increase in virus emails that use the email addresses of actual local government officials to trick recipients into opening the email, clicking on a URL, or opening an attachment.
The email subject lines are phrased in a way that makes you think, “Oh, that project!”—such as “Fw: Regarding the XX Road Improvement Project” or “Re: Regarding the △△ Application Documents.”
I, too, once received an email with a subject line like the one shown above. That email had an Excel file attached.
When I tried to open the Excel file without thinking twice, a button labeled “Enable Content” appeared on the screen, so I thought it looked suspicious and closed the file.
After that, I forwarded the file to the IT security department. As a result, I received a report stating that the file contained a virus.
Initially, this was limited to only a few municipalities, but it appears to be spreading to multiple municipalities, and I have received warning emails from several procurement officers.
So I decided to call the sender or recipient after sending or receiving an email.They’re calling to ask me to confirm that I sent an email like this, or simply to confirm that I received the email.
It's a hassle, but by doing that,One of the infection control measures...is the thinking. It's too late once something happens. Even if it's not perfect, it's best to do whatever you can on your own.
Small and medium-sized enterprises in the construction industry could also be targeted
Considering that local government email addresses are being stolen and other such incidents are occurring,Small and medium-sized construction companies are also highly likely to be targeted.It can be assumed that...
Since large companies are putting a lot of effort into IT security, it may be becoming more difficult to steal information from them. However, when it comes to small and medium-sized enterprises, there are likely some that do not prioritize security to the same extent.
There are indications that hackers believe it is easier to steal information from small and medium-sized enterprises in the construction industry or to encrypt data on their servers and demand a ransom than it is to do so against large corporations.
It appears that the ransom money serves as funding for the hackers' activities. Perhaps they are trying to secure funds by any means necessary and are taking whatever they can get their hands on.
In any case, I think they’re exploiting the fact that local governments and small and medium-sized businesses are currently lax about information security.
Do not open attachments or URLs without thinking
Although this is a general measure,The golden rule is never to open emails from senders you don't recognize.That is.
On the other hand, even if you recognize the email, you can protect yourself by taking the utmost care—such as not opening attachments carelessly and verifying the sender first.
Also, if you hover your cursor over an email address or URL (without clicking!), the address will be displayed, and the actual URL will appear in the lower-left corner of your computer screen, so comparing the two can be a helpful precaution.
If the URL in the email differs from the one that appears in the lower-left corner of the screen when you hover your cursor over it, it's almost certainly a virus.
Just keeping these things in mind can help prevent viral infections. It may be a hassle, but once you’ve been infected, it’s too late, soI hope you’ll start by putting into practice the measures you can take on your own.。



