In a new phishing campaign, the offending emails arrive in inboxes with attached, password-protected zip archives containing Word documents. (Photo by Justin Sullivan/Getty Images)
A phishing campaign has been attempting to disguise spam as an email chain, using genuine messages taken from email clients on previously compromised hosts.
Cybercriminal group TA551, aka Shathak, is behind the operation, which is known to spread information-stealing malware such as Ursnif, Valak and IcedID, according to a blog post today from the Unit 42 threat research team at Palo Alto Networks.
Please register to continue.