THE article discusses a phishing attack masquerading as a purchase order attachment named 'New PO 500PCS.pdf.hTM'. This deceptive file aims to harvest user credentials by presenting a fake password prompt while gathering sensitive information such as IP address and geolocation. The threat exploits double file extensions typical in phishing scams; when opened, it directs victims to a browser page that collects login details and transmits them to an attacker-controlled Telegram bot.
To safeguard against such attacks, users are advised to avoid unsolicited attachments, verify file extensions, use secure access methods, enable multi-factor authentication, and utilize reputable anti-malware solutions.