ISLAMABAD: A multi-stage phishing campaign has been targeting manufacturing companies across Europe, Asia and the Middle East since April 2026, according to cybersecurity firm Kaspersky.
The campaign uses carefully crafted emails that appear to come from potential customers seeking product prices, availability or technical details. Its objective is to trick employees into revealing corporate email credentials and other sensitive business information.
Kaspersky said the attackers initially contact manufacturing firms in English and pose as interested buyers. The messages are designed to appear legitimate and often begin with routine questions about products or services.
If an employee responds, the attackers continue the conversation before sending a link that supposedly provides technical specifications or other documents related to the inquiry.
Fake Document Page Used to Steal Login Details
When the link is opened, the user is redirected to a phishing page designed to resemble a well-known cloud-based PDF service.
The victim is then shown an authorization form asking for a corporate email address and password, allegedly to verify access and protect the document from unauthorized users.
Kaspersky said the form is fraudulent and is used to collect employees’ login details, potentially giving attackers access to corporate email accounts and internal company data.
The company described the operation as a spear-phishing campaign because the messages are tailored to the business environment and working practices of manufacturing companies.
Attackers Use Longer Conversations to Build Trust
Roman Dedenok, an anti-spam expert at Kaspersky, said phishing groups are increasingly using multi-stage campaigns instead of sending a malicious link in the first email.
According to Dedenok, maintaining a conversation with the target can make the request appear more credible and increase the likelihood that an employee will open the link or enter login information.
He said attackers also research targeted organisations and develop scenarios suited to their operations. Artificial intelligence tools may also be used to draft convincing emails or automate parts of the campaign.
Companies Advised to Strengthen Email Security
Kaspersky advised organisations to use email security systems capable of detecting phishing, spam, malicious attachments, business email compromise and other email-based threats.
It also recommended that cybersecurity teams stay informed about emerging attack methods and that companies provide regular security-awareness training to employees.
Workers should verify unexpected requests for sensitive information, carefully inspect web addresses and avoid entering corporate passwords on document-sharing pages reached through unsolicited emails.
The campaign remained active at the time of Kaspersky’s warning.
Also Read: 48% of Travelers Avoid Sharing Sensitive Data With AI Over Security Risks: Kaspersky Survey


Today's E-Paper