Threat Alert: PHISHING LURES SPREAD Remote Management Software Through Malicious PDFs

• A series of phishing attacks are attempting to spread the Atera Remote Monitoring and Management (RMM) tool.
• The lures, which are in Portuguese and allegedly from Larissa Muller at Zimmerman Ltda. encourage recipients to open an attached PDF to see a list of requests for a quote from the engineering department.
• While the lures purportedly come from Larissa Muller, the email’s sender address does not match the sender's name.
• Opening the lure leads to the installation of Atera RMM, which can allow an attacker to take control of an affected device.
• Attacks using various RMMs are increasingly common in the threat landscape.

Key Action: Report Suspicious Emails 

• Remain alert to phishing indicators. Mismatches between sending addresses and an organization’s name are always warning signs.
• Never download attachments associated with unexpected messages. Never open, preview, or download an unexpected attachment unless you are certain a file is safe. These actions can expose you to malware.
• Report ANY suspicious emails using the Phish Alarm button.