Fake sexual harassment complaints appearing to come from the U.S. Equal Employment Opportunity Commission (EEOC) are the latest baits used by attackers to disseminate TrickBot banking Trojan payloads onto computers of unsuspecting employees of large companies.
The EEOC is a federal agency responsible for investigating and enforcing federal laws against workplace discrimination.
As part of this campaign, the malware operators use information collected for each target such as their names, the company they work for, their job titles, and even their phone numbers to customize the phishing emails in order to make them a lot more convincing.
For instance, everything from the email's subject and the message content to the malicious attachment each of the malspam emails come with contains the potential victim's name as MalCrawler discovered. By adding a "personal touch" to their phishing emails, the attackers greatly increase the chance of their TrickBot payloads being dropped and infecting their victims computers. Source and more technical detail at Bleepingcomputer: https://www.bleepingcomputer.com/news/security/trickbot-malware-uses-fake-sexual-harassment-complaints-as-bait/
