In summer 2019, Kaspersky ICS CERT identified a new wave of phishing emails containing various malicious attachments. The emails target companies and organizations from different sectors of the economy that are associated with industrial production in one way or another. The attacks make use of social engineering techniques and legitimate documents, such as memos and documents detailing equipment settings or other industrial process information, which have apparently been stolen from the company under attack or its business partners. The number of enterprises facing the threat of infection is growing.”]
Source: https://securelist.com/attacks-on-industrial-enterprises-using-rms-and-teamviewer-new-data/99206/