The phishing emails come with server-parsed HTML (SHTML) file attachments that are typically used by web servers. If users open the attachments, they’re immediately redirected to a malicious site requesting sensitive information, which if entered, falls directly into the hands of cybercriminals – who are believed to be working out of the UK.
Uncovered by threat researchers at cybersecurity company Mimecast, over half of the malicious emails have been sent to targets in the UK, with significant numbers also sent to potential victims in Australia and South Africa. A small number of attacks have targeted inboxes of users in the rest of the world.
Read the full article here.