Guardio Labs researchers Nati Tal and Oleg Zaytsev revealed that the malicious emails contained embedded buttons concealing malicious links.
In some cases, the sites downloaded malware aimed at swindling users out of their money.
The attackers also designed entire emails as images to evade text-based spam filters.
The fact that they originated from trusted domains also helped bypass detection.
