A recently detected phishing campaign designed to steal credit card information employed a series of attack tactics previously associated with malware distribution, Proofpoint security researchers reveal.
The technique involves the distribution of a malicious document inside a .zip archive that is password-protected. The archive is attached to an email and the password to open it is included in the email body. Most recently, the method was used to distribute the Cerber ransomware (the campaign also dropped the Ursnif banking Trojan).
