.. /.Htm

Phishing
Script
Double Click

Contributors:

mr.d0x

Description:

HTM or Hypertext Markup Language files are used to create webpages. They are often used by attackers to spoof a webpage or execute JavaScript.

OS:

Wndows
Mac
Linux

Recommendation:

Block the download of HTM files when delivered through email and change the default application for HTM files to a text editor such as Notepad.

Resources:

https://www.proficio.com/spear-phishing-in-the-wild-ii/

File Samples: