New service checks if your email was used in Emotet attacks

Porthos · Oct 2, 2020

New service checks if Emotet uses your email

Today, Italian cybersecurity company TG Soft launched a new service launched called Have I Been Emotet that allows you to check if a domain or email address was used as a sender or recipient in Emotet spam campaigns.

TG Soft has told BleepingComputer that their database consists of monitored outgoing emails generated by Emotet between August and September 23rd, 2020.

During this period, they have collected over 2.1 million email addresses from around 700,000 outgoing emails.

To use the service, you can enter a domain or email address, and it will let you know how many times it was used.

To use the service, you can just enter a domain or email address, and it will let you know how many times the email address or domain was used as the sender of an email or the recipient.

When returning the search result, Have I Been Emotet will provide the following information:

REAL SENDER: Indicates that the computer using this email account has been compromised and used to send spam emails.
FAKE SENDER: Indicates that your mail was stolen and used in spam campaigns.
RECIPIENT: Indicates that you were the recipient of an Emotet spam email.

For example, in the image below, you can see that users in the microsoft.com domain were targeted 42 times in recent Emotet spam campaigns.

Emotet emails targeting microsoft.com