A phishing campaign targeting UK employees in the retail and insurance industries is sending out emails claiming to come from the Ministry of Justice. ZDNet reported that the emails have the subject line “Court,” while the body of the message implies that the user has been summoned with a subpoena to testify. To get details, the user is prompted to click a link that takes the user to a Word document hosted on Microsoft One drive. The user is then prompted to “enable macros,” which allows the code programmed into the document to download onto the user’s system. It downloads a malware called Predator the Thief, which is used to steal login credentials, browser data, and cryptocurrency stored in digital wallets, as well as to take photos with the computer’s webcam. When Predator the Thief finishes plundering the system and sending all its information back to its command-and-control center, the malware self-destructs, erasing all traces of itself.