ISLAMABAD: A global cybersecurity company Thursday uncovered a phishing campaign targeting manufacturing facilities in multiple countries across Asia, Europe and the Middle East.

According to a report of the company issued on Thursday, Kaspersky experts warned Pakistani companies that the attackers are sending English-language emails, allegedly from potential customers interested in respective products, attempting to extort corporate data. The campaign began in April 2026 and is still ongoing.

The phishing scheme includes several stages. First, potential victims receive an email from an alleged interested buyer asking for clarification on the product, such as the exact pricing or availability.

If the recipient responds, they are then sent a link to download a file with the product’s technical specifications, either immediately in a subsequent email or after further discussion and questions. Clicking on the link takes the user to the next phishing page mimicking a popular cloud service for working with PDF documents.

The user is then directed to an “authorization form” asking for corporate email address and password – allegedly for security purposes to prevent unauthorized access to the file. In reality, this is a ploy by attackers to trick users into revealing corporate data.

To reduce risks, organizations need to pay increased attention to security – implementing reliable technical tools and improving employees’ cyber literacy, the report said.

Copyright Business Recorder, 2026