Just when it looked like the Emotet spamming/malware operation had stopped, there are widespread reports that it has restarted.
Emotet botnet starts blasting malware again after 5 month break (bleepingcomputer.com)
Infected Microsoft Office documents are Emotet’s favoured method of malware distribution. Once the email has slipped past your technical defences, if the user fails to spot that it is malicious spam and opens the attachment, the malware will activate. First it steals and exfiltrates email addresses from the infected PC, this is how Emotet gathers further victims, and then it installs further malware.
It is time to remind your team that unsolicited Word and Excel attachments may not be what they seem, but actually contain malicious code.