VERY IMPORTANT

Since the dawn of phishing, fraudulent invoicing and purchasing schemes have been one of the most common lures. The usual modus operandi involves appealing to the recipient’s desire to avoid incurring a debt, especially where a business may be involved. FortiGuard Labs recently came across an interesting phishing e-mail masquerading as a purchase order addressed to a Ukrainian manufacturing organization that deals with raw materials and chemicals. The e-mail contained a PowerPoint attachment that is in reality a sophisticated, multi-stage effort to deploy the Agent Tesla RAT (Remote Access Trojan).