Attackers are using phishing emails to deliver malicious Microsoft Visio attachments that redirect to credential harvesting pages.
Suspected TTPs:
- Spearphishing Attachment [T1566.001]
- Exploit Public-Facing Application [T1190]
- Drive-by Compromise [T1189]
- Command and Control [T1071]
- Exfiltration [TA0010]
- Impact [TA0040]