Scammers are trying to steal email credentials from employees by impersonating their organization’s HR department in phishing emails camouflaged as internal ‘back to work’ company memos. Phishing emails delivered through this campaign spoof the victims’ company mail service and are designed to look like automated internal company memos with attached voicemails. The emails come with custom HTML attachments with each employee’s name, a technique designed to convince the recipients that the email is safe so that they open the attachment without thinking twice.
Source: https://www.bleepingcomputer.com/news/security/phishing-lures-employees-with-fake-back-to-work-internal-memos/