Users get an email from the address EDP@wpengine.com with an alleged electronic invoice, using the name of the Group to render the message more realistic and thereby increase the efficiency of the attack.
The email message contains a link that, once clicked, will install malicious software (malware) designed to steal credentials and other sensitive information from the users.
This kind of attack is known as Phishing and seeks to abusively obtain personal data with messages that lead the user to fake sites - faithful copies of websites regularly visited by the user - requesting confidential data. In order to prevent these attacks, we suggest you read the Computer Security information we provide on our website.