Customer Complaint Email Used to Distribute Embedded HTML Credential Form

On 10 April 2026 support representatives received phishing emails with an attached Complaint_Form.html that displayed a locally rendered login page to harvest corporate email credentials and submitted them to https://submit.case-review.com/post; the attack used an embedded HTML form to evade URL-based filtering.