Kaspersky: Phishing Now Knows Your Name — And Even Inserts It Into PDFs

Your name in the email and attachment is just bait. Everything else is a fake.

Experts from Kaspersky Lab have identified a new advanced phishing campaign aimed at stealing corporate email logins and passwords. Attackers are sending personalized emails disguised as internal messages from the HR department.
The key feature of these attacks is the individualization not only of the message text but also of the attachments. Recipients are addressed by name both in the email body and within the attached file. The document allegedly contains remote work guidelines, security recommendations, and information about employee benefits. However, none of the information is genuine.
In reality, the attachment titled “Employee Handbook” includes a cover page, a table of contents, and a section with a QR code. The QR code redirects victims to a fake page mimicking the Microsoft login interface. Victims are then prompted to enter their corporate email credentials, which are immediately sent to the attackers.
To bypass spam filters, the email text is presented as an image. It also contains a fake “verified sender” badge, intended to increase the recipient’s trust. This tactic complicates automatic threat detection.
According to specialists, the campaign likely uses a new automation mechanism that generates a unique set — personalized email and file — for each target. This significantly increases the effectiveness and scalability of the phishing attacks.
Experts emphasize that phishing attacks are becoming increasingly sophisticated and technically advanced. To protect against such threats, companies must implement modern security systems and continually improve employees' digital literacy.
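The message shape described above (body text delivered as an image, plus a PDF attachment) can be triaged at the mail gateway before any QR decoding. The following is an added example, not code from Kaspersky's report; the sample message, the addresses and the 40-character threshold are constructed assumptions.

```python
import re
from email import message_from_string, policy

# Constructed sample message (not taken from the campaign); all names are placeholders.
SAMPLE = """\
From: HR <hr@example.com>
To: Alex Doe <alex.doe@example.com>
Subject: Employee Handbook
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<html><body><img src="cid:body1"></body></html>
--b1
Content-Type: image/png
Content-ID: <body1>
Content-Transfer-Encoding: base64

iVBORw0KGgo=
--b1
Content-Type: application/pdf
Content-Disposition: attachment; filename="Employee Handbook.pdf"
Content-Transfer-Encoding: base64

JVBERi0xLjQK
--b1--
"""

MIN_VISIBLE_CHARS = 40  # assumed threshold; tune against your own mail flow

def visible_text_len(msg):
    """Count non-whitespace characters a reader would see in the text parts."""
    total = 0
    for part in msg.walk():
        if part.get_content_type() in ("text/plain", "text/html") and not part.is_attachment():
            text = part.get_content()
            if part.get_content_type() == "text/html":
                text = re.sub(r"(?s)<(script|style).*?</\1>|<[^>]+>", " ", text)
            total += len("".join(text.split()))
    return total

def image_only_with_pdf(raw):
    """True when the body is essentially just an image and a PDF is attached."""
    msg = message_from_string(raw, policy=policy.default)
    types = [p.get_content_type() for p in msg.walk()]
    has_image = any(t.startswith("image/") for t in types)
    has_pdf = "application/pdf" in types
    return has_image and has_pdf and visible_text_len(msg) < MIN_VISIBLE_CHARS
```

A hit is a triage signal rather than a verdict: route the message for OCR of the body image and QR-code extraction from the PDF before delivery.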