Discovered by Proofpoint, the campaign employs bait via an authentic voice message containing an LNK attachment. The technique was used in a relatively restricted manner. Only one unique file was detected and errors in the scripting found a general failure to perform on target systems.
Some versions of mail client did not show the attachment and replaced it with a warning message that the file was possibly unsafe. Organisations that follow e-mail security best practices normally treat LNK files the same as executables (EXE) and strip them from messages prior to delivery.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now