An ongoing phishing campaign is impersonating Michael Page consultants to push Ursnif data-stealing malware. Michael Page UK is part of PageGroup recruitment business with operations in the Americas, UK, Continental Europe, Asia-Pacific, and Africa. The company says no PageGroup system has been compromised and the attackers are only spoofing employees in the phishing emails sent to random targets. Attackers use embedded links to redirect potential victims to phishing landing pages featuring GeoIP and antibot checks, according to a security researcher.
Source: https://www.bleepingcomputer.com/news/security/phishing-impersonates-global-recruitment-firm-to-push-malware/