Skip to main content

Kaspersky has detected a multi-stage phishing attack targeting manufacturing facilities in Europe, Asia and the Middle East

14 July 2026

Kaspersky experts have uncovered a phishing campaign targeting manufacturing facilities in multiple countries across Europe, Asia and the Middle East. The attackers are sending English-language emails, allegedly from potential customers interested in respective products, attempting to extort corporate data. The campaign began in April 2026 and is still ongoing.

The phishing scheme includes several stages. First, potential victims receive an email from an alleged interested buyer asking for clarification on the product, such as the exact pricing or availability. 

If the recipient responds, they are then sent a link to download a file with the product's technical specifications, either immediately in a subsequent email or after further discussion and questions. Clicking on the link takes the user to the next phishing page mimicking a popular cloud service for working with PDF documents. 

An example of a phishing email sent to the employees of manufacturing companies

An example of a phishing email sent to the employees of manufacturing companies

The user is then directed to an "authorisation form" asking for corporate email address and password – allegedly for security purposes to prevent unauthorised access to the file. In reality, this is a ploy by attackers to trick users into revealing corporate data.

"We see spear phishing campaigns evolving. Attackers are increasingly moving from simple schemes to complex campaigns consisting of multiple stages, as this increases the chances of a successful attack. They also thoroughly prepare, researching organisations to craft the most convincing cover stories. For example, they develop attack scenarios tailored to the specific operating conditions of manufacturing companies. Attackers often employ AI tools to craft phishing emails or automate other processes. To reduce risks, organisations need to pay increased attention to security – implementing reliable technical tools and improving employees' cyber literacy," comments Roman Dedenok, Anti-Spam Expert at Kaspersky.

To defend organisations against this threat, Kaspersky recommends: 

Kaspersky has detected a multi-stage phishing attack targeting manufacturing facilities in Europe, Asia and the Middle East

Kaspersky experts have uncovered a phishing campaign targeting manufacturing facilities in multiple countries across Europe, Asia and the Middle East. The attackers are sending English-language emails, allegedly from potential customers interested in respective products, attempting to extort corporate data. The campaign began in April 2026 and is still ongoing.
Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Innovating the industry with a Cyber Immunity approach, Kaspersky safeguards consumers, businesses, critical infrastructure, and governments from cyberthreats, with over a billion devices protected to date.

Kaspersky ensures Cybersecurity True to Business, focusing on providing clear outcomes, protecting revenue, easing workloads and preventing downtime. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services for organizations of every size, from small businesses to large enterprises, combining proven AI-driven protection technologies with simple management and expert support.

Recognized in independent tests and trusted by millions of individuals worldwide and nearly 200,000 organizations, Kaspersky helps detect threats earlier, respond faster and operate with greater confidence and freedom, protecting what matters most to our clients. Learn more at www.kaspersky.com.

Related Articles Press Releases