Earlier this week a colleague pointed out an intriguing phishing sample that he had come across.
It was interesting not because of any great sophistication or complexity, but rather that it illustrated the reuse of an old social engineering trick.
The brand being targeted in the phish campaign is Poste Italiane, a well known Italian group that includes financial and payment services in its product portfolio.
We see numerous phishing attacks targeting this group each month, with attackers keen to trick their customers into unwittingly submitting their credentials to fake login sites.
This latest attack takes a similar strategy to many recent phish campaigns, where the email contains a HTML attachment which the recipient is enticed into opening.
Microsoft® Windows Insider MVP - Windows Security