Email campaign distributing Ratty RAT malware exploits legitimate invoicing tactics and geofencing to bypass security. Attackers use a trusted email service and file-sharing platforms, manipulate recipients through social engineering, and employ Ngrok for covert links. Targeting mainly Italy, the campaign exemplifies advanced evasion strategies and challenges conventional detection systems. Fortinet provides protections, urging users to stay vigilant against such phishing threats.
Multilayered Email Attack: How a PDF Invoice and Geo-Fencing Led to RAT Malware
