A new phishing campaign uses fake JavaScript login forms generated directly by the attachment of a PDF attachment. The scam is targeting German victims. Scammers pretend to be sending you a tax invoice from Amazon and specifically state that you will need to login to your Amazon Seller’s account to view the tax invoice. In reality, this login prompt is being shown by a JavaScript script that will instead submit any submitted credentials to a long URL located at the http://sellercentral.de.56U8GTHDGT4U7YWEWESabecklink.
Source: https://www.bleepingcomputer.com/news/security/clever-amazon-phishing-scam-creates-login-prompts-in-pdf-docs/