Oh great...
Every time I read about the Sony hack I feel compelled to watch "The Interview" again. And James Franco really isn't all that funny.
Threat intel researchers have uncovered a phishing and malware campaign that targeted "a large European aerospace company" and which was run by the same North Koreans behind the hack of Sony Pictures. While there are quite a few European aerospace firms, Slovakian infosec biz ESET was more concerned with the phishing 'n' …
I'm wondering how easy someone in, for example, sales would find it to extract a password-protected .rar archive. It's not supported by Windows natively, so they'd likely have to get another archive program. At the point where you have to convince someone to download a file, decrypt it, decompress it, run a shortcut, and download a file, you have to ask if your scheme is too suspicious to work. At least, if I were evil I'd be concerned that the complicated process might confuse my victims or cause them to report me. Evidently I still have too much confidence in the social engineering resilience of the average user.