CIO: Cyber Security Alert - Emotet malware coming through phishing email scams

CIO header - Cyber

Since September 17, 2019, the USDA Information Security Center (ISC) received at least 34 incidents where USDA assets were compromised by Emotet malware.


Emotet malware is a malicious Trojan horse that attacks devices through email Phishing scams. It allows sensitive data to be stolen and will use addresses on devices to perform denial of service attacks on other systems. Additionally, bad actors using Emotet malware have been known to mimic Paypal receipts, shipping notifications or past-due invoices.


What you need to do

If you receive an email that looks suspicious to you, please follow these steps within 48 hours of receiving the email:

  • Never respond to it
  • Never click any links in the message
  • Never go to any websites mentioned
    • Create a new email message and address it to
    • Click Attach Item > Outlook Item
    • Locate and then click on the suspicious email from your Inbox
    • Click OK
    • Send the message
  • Delete the suspicious email from your inbox

If you receive a phone call that sounds suspicious, please follow these steps:

  • Do not follow the caller's instructions, verify your name, or go to any websites mentioned
  • Hang up the phone

Learn how to identify suspicious emails that may be trying to acquire Personally Identifiable Information (PII) by masquerading as a trustworthy entity and the Reporting Instructions for Phishing or Spam Emails.


Help is available

For technical help call the Customer Help Desk at 1-866-945-1354 (TTY: 1-800-877-8339), start a chat with an agent, or type the full KBA number or “keywords” in double quotes into the Search box on the Customer Help Desk site to find helpful knowledge management documents.


The CIO is committed to providing reasonable accommodation in all of its activities, services, and programs for individuals with disabilities. If you require reasonable accommodation in accessing and using the information contained in this email, please email CIO News.


Visit the CIO News Archives for past emails.