Hackers are using this new attack method to target power companies

These phishing emails being used to steal credentials from critical infrastructure firms can silently harvest data without even using macros, warn researchers.