KISA warned that attackers were impersonating the Korea Internet & Security Agency with an attachment named KISA알림.pdf.lnk. The advisory says the lure likely referenced KISA security services or recent SK Telecom breach news, although the original phishing email had not been confirmed. If a recipient ran the LNK attachment, it downloaded and executed malware capable of stealing sensitive information from the victim PC. KISA advised users to verify senders, avoid unknown attachments and links, show file extensions in Windows, avoid executing .lnk files, keep software and antivirus tools updated, and report incidents through Boho or 118.