Phishing Campaigns Evolve as Cybercriminals Turn to Infostealer Malware

This briefing describes a shift in phishing operations toward infostealer malware that quietly harvests credentials, session cookies, cookies, browsing history and cryptocurrency wallet details. It highlights attackers using session-cookie theft to bypass MFA, the role of Malware-as-a-Service in scaling attacks, common delivery vectors (malvertising, fake updates, cracked software), and social-engineering techniques like ClickFix, while noting the importance of cautious download behavior and verifying urgent emails.