Rather than sedning out direct phising emails, bad-actors have begun using company's public contact forms to initiate a social engineering attack. Current attacks have targeted toward U.S entities in manufacturing, metalwork, semiconductors, biotech, and pharmaceuticals.