Global Phishing Alert!

A highly sophisticated phishing campaign targeting over 35,000 users across 26 countries has been uncovered, impacting more than 13,000 organizations. Detected in mid April 2026, the attack saw the highest number of victims in the United States, highlighting the scale and global reach of the operation.

Attackers used professionally crafted emails that closely resembled internal corporate communications. These messages included formal language, polished designs, and urgency driven prompts to pressure recipients. High value sectors such as healthcare, financial services, professional services, and technology were primarily targeted due to their access to sensitive data.

The emails contained attachments that redirected users through multiple layers to fake login pages, where credentials were captured in real time. Advanced techniques allowed attackers to bypass multi-factor authentication and maintain access even after password changes. Experts have urged organizations to strengthen security systems and remain vigilant against evolving cyber threats.