A recently uncovered phishing campaign used fake COVID-19 vaccination forms to harvest workers’ email credentials. The phishing emails contained a malicious PDF link that would take victims to a phishing page to harvest their Microsoft Outlook credentials. In some cases, the fraudsters also looked to steal personally identifiable information, such as full name, birthdate and mailing address. The campaign appeared in a limited number of employee inboxes – about 60 – and did not appear successful, INKY researchers say.”]
Source: https://www.cuinfosecurity.com/phishing-attack-used-spoofed-covid-19-vaccination-forms-a-17399