Beware of North Korea-linked hacking disguised as a presentation paper for the Unification Policy Forum commemorating the June 15 Inter-Korean Joint Declaration

2022-06-15 ESTSecurity

https://blog.alyac.co.kr/4796


ESRC reported a North Korea-linked phishing attack disguised as material for a June 15 Inter-Korean Joint Declaration unification policy forum. The lure impersonated a professor and presented a cloud attachment for a supposed HWP document, then redirected victims to a phishing site requiring portal credentials before showing a legitimate Google Drive document. The infrastructure used kakao.cloudfiles.epizy[.]com, part of a pattern of epizy[.]com and similar free hosting domains abused in North Korea-linked Fake Striker cases. Targeting focused on diplomacy, security, unification, defense, academia, and related private-sector individuals. The activity matters because it combines timely policy-event social engineering with cloud-file impersonation and credential theft against communities central to Korean Peninsula policy.

Indicators of Compromise

Type    Value                        First Seen  Last Seen
DOMAIN  naver.cloudfiles.epizy.com   2022-06-15  2023-04-18
DOMAIN  kakao.cloudfiles.epizy.com   2022-06-15  2023-04-18
DOMAIN  snu.cloudfiles.epizy.com     2022-06-15  2023-04-18
DOMAIN  epizy.com                    2020-09-04  2023-04-18
DOMAIN  korea.onedviver.epizy.com    2022-06-15  2022-06-15
DOMAIN  yonsei.onedviver.epizy.com   2022-06-15  2022-06-15
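
A hunting check over resolver logs for the hosts listed above, as an added example (not ESRC's or this page's own code): it matches the listed hosts exactly and also flags other names under epizy.com that carry the same lure labels, comparing whole DNS labels so look-alike suffixes do not match. The log format, the lure-label set and the sample lines are assumptions constructed for illustration.

```python
# Hosts from the indicator table above; the bare parent zone is handled below.
IOC_HOSTS = {
    "naver.cloudfiles.epizy.com", "kakao.cloudfiles.epizy.com",
    "snu.cloudfiles.epizy.com", "korea.onedviver.epizy.com",
    "yonsei.onedviver.epizy.com",
}
HOSTING_SUFFIX = ["epizy", "com"]  # shared free-hosting zone, hunted as a suffix
# Assumption: lure labels are the second-level labels seen in the table.
LURE_LABELS = {"cloudfiles", "onedviver"}

def normalize(host):
    """Refang, lowercase and drop the trailing root dot."""
    return host.strip().lower().replace("[.]", ".").rstrip(".")

def classify(host):
    """Return 'ioc', 'lure-pattern', 'hosting-zone' or None."""
    host = normalize(host)
    if host in IOC_HOSTS:
        return "ioc"
    labels = host.split(".")
    # Compare whole labels so 'notepizy.com' is not mistaken for epizy.com.
    if labels[-2:] != HOSTING_SUFFIX:
        return None
    if LURE_LABELS & set(labels[:-2]):
        return "lure-pattern"
    return "hosting-zone"

def scan(lines):
    """Yield (timestamp, client, host, verdict) for each matching log line."""
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        ts, client, host = parts
        verdict = classify(host)
        if verdict:
            yield ts, client, normalize(host), verdict

# Constructed sample resolver log (timestamp, client, queried name).
SAMPLE_LOG = [
    "2022-06-15T09:01:12Z 10.0.0.21 KAKAO.cloudfiles.epizy.com.",
    "2022-06-15T09:02:40Z 10.0.0.34 example.cloudfiles.epizy.com",
    "2022-06-15T09:03:05Z 10.0.0.34 myblog.epizy.com",
    "2022-06-15T09:04:18Z 10.0.0.50 www.notepizy.com",
    "2022-06-15T09:05:00Z 10.0.0.50 drive.google.com",
]

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

The 'hosting-zone' verdict is a low-confidence lead, since the parent zone is shared free hosting; 'ioc' and 'lure-pattern' hits are the ones to triage first.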
