Phishing emails with HTML attachments are tricking users into pasting malicious commands.
The scam uses a fake MS Word message to deceive users into executing a Base64-encoded PowerShell command, leading to malware infection. The executed script downloads and runs an HTA file, ultimately infecting the system with DarkGate malware. Users should pay attention to email URLs and suspicious attachments.