Cofense in ZDNet
Researchers from Cofense said this week that the new campaign is impersonating eFax, a modern, cloud-based variant of the traditional fax machine which is used by businesses to receive faxes across email and mobile devices.
The phishing emails crafted for this wave of attacks include an attached .ZIP archive which contains an .XLS Microsoft Excel spreadsheet.
The spreadsheet is malicious as it contains an Office macro which, should a victim enable when prompted, will download and execute both Dridex and the Remote Manipulator System Remote Access Tool (RMS RAT). …