From gbhackers.com
X-Force identified a phishing campaign targeting Latin American users since March 2024, where emails impersonate legitimate entities like tax and utility services, urging recipients to click links for invoices or account statements.
Clicking the link redirects users in specific countries to a fake PDF icon while downloading a malicious ZIP archive containing an executable disguised as a PDF, which leverages urgency and exploits trust in official institutions to trick users into compromising their systems.