New Phishing Campaign Targets Brazilian Users with RMM Software Trials

Since January 2025, a new campaign has been targeting Portuguese-speaking Brazilian users with trial versions of commercial surveillance and remote management software (RMM). The spam message leverages the Brazilian electronic billing system, NF-e, to entice users to click on hyperlinks and access malicious content hosted on Dropbox. This campaign has been reported by cybersecurity researchers at Cisco Talos.