The Threat Intelligence Team at cyber security company eSentire has observed an increase in successful Emotet infections, coupled with lateral movement after the initial infection. eSentire Threat Intelligence assesses with medium confidence that the prevalence of infections will continue to rise given the current success of lateral movement and ease of delivery. The initial infection vector is Microsoft Word documents downloaded from an embedded link inside fake invoice emails. The trojan can spread through windows SMB file shares and is capable of downloading additional payloads from command & control servers.