End-of-Year PTO: Days Off and Data Exfiltration with Formbook

The holiday season is a time of joy and relaxation, but it often brings an influx of corporate emails ranging from leave approvals to scheduling paid time off. The Cofense Phishing Defense Center (PDC) has recently intercepted a malicious phishing email masquerading as a legitimate end-of-year leave approval notice. Disguised as a formal HR communication, this email leverages the urgency and importance of year-end leave scheduling in order to trick the recipients into clicking a malicious link. This enables the threat actor to steal sensitive information via FormBook malware. 

The post End-of-Year PTO: Days Off and Data Exfiltration with Formbook appeared first on Security Boulevard.

06 December 2024


>>More