It is done in every possible way. The dumbest form your defenses will allow in is what you get. Can absolutely be done via downloads yes. Because they perform an impersonation attack on you, or use a supplier as an attack vector, and by impersonating a trusted user, they get you to open a file or similar.
Better finetune your email security, because humans are a hard problem. Loads of awareness, phishing drills and information sec training is needed.
unixhero|5 years ago
Better finetune your email security, because humans are a hard problem. Loads of awareness, phishing drills and information sec training is needed.