VERY IMPORTANT

Regions of the world in geopolitical turmoil, like Turkey, are prime targets for cyber espionage campaigns. Starting in mid-November, an unknown actor purporting to be from the tax collection arm of the Turkish government began a spear phishing campaign against a Turkish defense contractor. The group used tactics that have become extremely useful for cyber spies—spear phishing emails that social engineer the victim to download an attached or embedded file and then enable macros. These macros contain executable files that download a Remote Access Trojan (RAT), which can log keystrokes, take screenshots, record audio and video from a webcam or microphone, and install and uninstall programs and manage files.