Security researchers at Fortinet’s FortiGuard Labs have uncovered a sophisticated phishing campaign that uses weaponized Microsoft Word documents to deliver information-stealing malware to unsuspecting Windows users.

The attack exploits a well-known vulnerability to deploy FormBook, a dangerous malware variant designed to harvest sensitive user credentials and data.