Fraud Alert Phishing Email Redirecting Users to Banking-Themed Credential Trap

A targeted phishing campaign on 11 April 2026 sent fraudulent 'fraud alert' emails to treasury and finance staff directing victims to https://secure-payment-alerts.com/verify, a spoofed banking portal that logged usernames, passwords, and challenge-response values; subsequent unauthorized access attempts were observed from the suspected IP range 103.90.72.0/24.