Last week, 360 Threat Intelligence Center captured multiple bait documents specifically for Japanese users. The phishing email contains an Office Excel attachment with malicious macro embedded to launch subsequent PowerShell script. By analyzing recipients of the collected phishing emails, we found that the victims are employees from Japanese high-tech enterprises.

https://ti.360.net/blog/articles/URLZone-New-Approaches-to-Specifically-Target-Employees-in-Japanese-High-Tech-Companies-en/