ABSTRACT
This chapter dives into the crux of a document and how threat actors operate using the same. Phishing is the act of deceiving a target or luring a user to click on a link or open an attachment. Malspam is e-mail plus malware. Users witness tons of spam emails and are used to either deleting them or ignoring them. Human emotions pave the way for most cyberattacks—curiosity, anxiety, eagerness, and fear. Emotet is a trojan that steals financial information, also known as ‘Banking Malware’. Trojans give cybercriminals a backdoor to systems, making it possible to spy on confidential information like banking credentials and exfiltrate data. Emotet relies on spam messages that include attached malicious word documents of fake invoices from various companies and sometimes ‘voicemail’ attachments. It then evolved to contain links in the message body that lead to the download of the word document.
