Q1 Goals to Gaps in Security: The Rise of HR-Themed Phishing

Cofense observed a credential-harvesting phishing campaign that impersonates HR ('Human Capital') and leverages Q1 performance deadline urgency to trick employees into submitting information to a malicious JotForm and then entering Microsoft credentials on a spoofed login page. The blog provides the attack chain, screenshots, observed malicious URLs and IPs, and recommended mitigations including email filtering, MFA, realistic phishing simulations, and Cofense MPDR detection.