Dec 2024: ANNUAL LEAVE Compliance-Themed Lures Steal Credentials

Annual Leave Phish Indicators

Threat Alert: ANNUAL LEAVE Compliance-Themed Lures Steal Credentials

  • Annual leave compliance-themed phishing attacks have been identified.
  • The lures used in these attacks purport to be from the HR department and claim a new annual leave compliance report exists.
  • The emails come from “HR-Department <hrdepartment@ease-servicesgroup[.]com>” and use the subject line “Scheduled Annual Leave Notification.”
  • The lures include a personalized link leading to the alleged report and warn of potential noncompliance if the report is not viewed.
  • To view the report, recipients are prompted to enter their credentials, which results in credential theft.

Key Action: Report Suspicious Emails 

  • Remember that cybercriminals take advantage of strong emotions. A purported email from HR warning of noncompliance can be stressful, especially when the lure mentions changes to an annual leave policy around the holiday season. Attackers seek to take advantage of these moments of anxiety.
  • Remember that cybercriminals commonly leverage current events in phishing attacks. Annual events like the holiday vacation season give cybercriminals the time to prepare by crafting difficult-to-spot or believable lures. 
  • Do not respond to suspicious emails. Attackers capitalize on uncertainty and will exploit any recipient who starts a dialogue with them.
  • Report ANY suspicious emails using the Phish Alarm button.