Rising ClickFix malware distribution trick puts PowerShell IT policies on notice
ID: f916a27d-dc3d-5cda-a9f3-70d87dc8a601
STIX ID: report--f916a27d-dc3d-5cda-a9f3-70d87dc8a601
Feed Name: Proofpoint Blog
The report details active phishing campaigns that deliver encoded PowerShell via malicious HTML email attachments to install remote access trojans (NetSupport), loaders (Latrodectus), and tools like Brute Ratel C4. Techniques include password-protected .7z archives, embedded execution instructions, and social-engineering lures such as fake Word errors and CAPTCHA prompts to obtain initial access.
