A new phishing technique called « file archiver in the browser » can be leveraged to « emulate » a file archiver software in a web browser when a victim visits a .ZIP domain.
« With this phishing attack, you simulate a file archiver software (e.g., WinRAR) in the browser and use a .zip domain to make it appear more legitimate, » security researcher mr.d0x disclosed last week.
Threat actors, in a
