Microsoft said today it spotted a cybercrime operation abusing contact forms on legitimate websites to target companies and their workers in attempts to infect them with the IcedID malware.
One of Microsoft’s security teams highlighted the creativity and effectiveness of this campaign, which is currently seeing a spike in activity.
https://therecord.media/microsoft-malware-gang-uses-website-contact-forms-for-distribution/