A phishing campaign is detected, luring its targets with fake job scams. The campaign is being linked to Iranian APT33. Indicators of compromise are given below, some of which have previously been used in other phishing campaigns as well. The motive of the campaign is still not known. Similar phishing campaigns have been previously launched to deploy Remote Access Trojans.