This post has been republished via RSS; it originally appeared at: Microsoft Security.
Microsoft threat analysts have been tracking activity where contact forms published on websites are abused to deliver malicious links to enterprises using emails with fake legal threats. The emails instruct recipients to click a link to review supposed evidence behind their allegations, but are instead led to the download of IcedID, an info-stealing malware.
The post Investigating a unique “form” of email delivery for IcedID malware appeared first on Microsoft Security.