Scammers are ahead of the game, launching phishing emails themed around Pride Month before it officially begins on June 1, 2026. These emails exploit diversity messaging to trick employees into revealing their login credentials. Mimecast, a cybersecurity firm, has tracked this campaign since mid-December 2025, revealing that 21% of the targeted organizations are based in the UK, making it one of the hardest-hit countries alongside the United States. The attackers use compromised SendGrid accounts to distribute these malicious emails, leveraging the trusted platform to evade detection. The phishing campaign unfolded in two distinct phases. Initially, in December 2025, it targeted 504 organizations, primarily in financial services and consulting, likely testing its approach. By January 2026, the scope expanded dramatically to 4,768 organizations across multiple countries, including Germany, Australia, and South Africa. The messages became more sophisticated, featuring persona-based subject lines to mimic real individuals, which helped bypass email filters. Victims are led through CAPTCHA pages before landing on sites designed to steal their credentials. While the specific group behind these attacks remains unidentified, their methods resemble those used by known threat actors like Scattered Spider and CryptoChameleon. Mimecast has ramped up detection measures to combat these campaigns but emphasizes that technology alone won't suffice. Employee awareness is essential; individuals must approach unexpected policy updates cautiously and verify any unusual emails through their HR or IT departments to prevent account compromises.