A new phishing campaign is targeting organizations in healthcare, government, hospitality, and education sectors across various countries by disguising malicious infostealers as copyright infringement notices. The campaign employs multiple evasion techniques designed to bypass security detection systems.
The attack leverages the credibility of copyright infringement notifications to trick recipients into executing malicious payloads. Organizations in the targeted sectors appear particularly vulnerable due to their regular handling of legal compliance notices and copyright-related communications.