Emotet, one of the most advanced and dangerous botnets in the world in circulation for years, returns later a four-month break through a new malspam campaign, aimed at organizations and users. Starting from 16 September 2019 the botnet has resurfaced and resumed spamming operations. Cisco Talos and other cyber security researchers launch the alarm. Emotet was born as a banking Trojan, but over the years it has continued to evolve and recently it has was also associated with some large-scale targeted Ryuk Ransomware. The vector of infection mainly remains the sending of malicious emails sent as part of widespread spam campaigns. Emotet is generally delivered either through office documents or via messages spam based on URLs leading to an infection.