A new phishing campaign is targeting retail customer service and managerial staff.

The malware has been dubbed "August" and is a clever ploy to get employees to click on a link embedded in the email. The subject line of the phishing email is usually referring to supposed purchases via the company's website. Further info is said to be contained in the attachment.

Subject lines of the email include: "Help: Items vanish from the cart before checkout," and "Support: Products disappear from the cart during checkout."

Researchers are saying that the email campaign is the work of the TA530, an individual or gang which they previously cited for other highly personalized targeted campaigns.

Although it is currently targeting retail sites, it has the capability to be used elsewhere to steal credential.

"As email lures become increasingly sophisticated and personalized, organizations need to rely more heavily on email gateways capable of detecting macros with sandbox evasion built in as well as user education that addresses emails that do not initially look suspicious," the researchers said.

Source: SCMagazine