Threat Alert: Employment Status-Themed Phishing Lures

• Cybercriminals have launched a series of phishing attacks using concerns over the recipient’s employment status legality as a lure. 
• The lures contain a link purportedly related to employment status documentation. 

Key Actions (at Work and at Home)

• Verify the legitimacy of any unsolicited/unexpected email before you interact with it, especially if it directs you to click on a link or asks you to provide credentials. It can be tempting to click on a “call to-action.” But if you notice a subtle change or inconsistency within a message claiming to be from HR or another internal department, don’t ignore it—report it. 
• Remember cybercriminals take advantage of strong emotions. An urgent email asking an employee to verify their work status legality can be extremely stressful. Keep in mind cybercriminals seek to capitalize on moments of anxiety and the difficulty in thinking clearly in such situations.  
• Report ANY suspicious emails using the Phish Alarm button. Remember: Our organization occasionally sends phishing simulations.