Fake Lattice / Culture Amp performance management subscription payment failed, performance review cycle suspended, OKRs and employee surveys inaccessible, or employee data at risk phishing
fake-lattice-culture-amp-performance-management-billing-phish
What this tier means
High-confidence threat indicator — phishing, impersonation, BEC, or scam pattern. Strong contributor to the trash decision.
How Gorganizer detects this
Phishing emails impersonating Lattice or Culture Amp that claim the performance management subscription payment has failed, performance reviews are suspended, OKRs are inaccessible, employee surveys are disabled, the performance review cycle has been halted, or employee data is at risk, and that direct the recipient to update billing or restore access through a credential-harvesting portal. This is a distinct attack category targeting HR performance management platforms that run quarterly and annual employee review cycles.

Key facts:

(1) Lattice serves 5,000+ companies ($11/person/month for Performance, $19/person/month for Engagement) as the dominant performance management platform for tech-forward companies. Lattice is where managers write performance reviews, set OKRs, run 1:1 meeting agendas, and make compensation review decisions. A 'your Lattice performance review cycle has been suspended' email during Q1 or Q4 annual review season creates maximum urgency because performance review cycles run on a fixed schedule and every employee is waiting for their review.

(2) The 'employees cannot complete their performance reviews' hook targets HR teams and People Ops administrators at a moment of extreme organizational sensitivity. Annual reviews are the event that determines compensation, promotions, and in some cases terminations; a suspended review platform means the entire people management process stalls.

(3) Culture Amp serves 6,500+ companies ($5,000-50,000+/year) with particular strength in engagement survey deployment. Culture Amp's employee engagement surveys are scheduled events that entire companies participate in; a 'your Culture Amp subscription has failed and employee surveys are suspended' email disrupts the survey cycle that feeds the executive team's engagement data. Culture Amp credentials expose engagement scores by department, manager effectiveness ratings, and retention risk signals (which employees are most likely to leave).

(4) Lattice's compensation management module (Growth plans) means Lattice credentials also expose compensation review decisions for every employee: salary ranges, raise amounts, and promotion decisions for the current review cycle.

(5) Performance management data is among the most sensitive HR data: performance ratings used in PIPs (Performance Improvement Plans), manager effectiveness scores, flight risk assessments, and compensation history for every employee.

Warning signs: sender not latticehq.com/cultureamp.com; genuine Lattice billing at lattice.com/settings/billing; Culture Amp billing at account.cultureamp.com.
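The warning signs above can be checked mechanically. The sketch below is an added example, not Gorganizer's code: it compares the sender and link hosts against the domains this page names as genuine and returns a score contribution with reasons rather than a verdict. The lure phrases, weights, function names, and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Domains the page names as genuine; everything else here is an assumption.
LEGIT = {"latticehq.com", "lattice.com", "cultureamp.com"}
BRAND = re.compile(r"\b(lattice|culture\s?amp)\b", re.I)
LURE = re.compile(r"payment (has )?failed|review cycle (has been )?(suspended|halted)"
                  r"|surveys? (are |is )?(suspended|disabled)|okrs? (are )?inaccessible"
                  r"|update (your )?billing|restore access", re.I)
URL = re.compile(r"https?://([^/\s:\"'>]+)", re.I)

def on_legit_domain(host):
    """True if host equals a legit domain or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in LEGIT)

def score_message(raw):
    """Return (contribution, reasons) for one RFC 5322 message; not a verdict."""
    msg = message_from_string(raw)
    body = msg.get_payload() if not msg.is_multipart() else ""
    text = f"{msg.get('Subject', '')}\n{body}"
    reasons = []
    if not (BRAND.search(text) or BRAND.search(msg.get("From", ""))):
        return 0, reasons            # not about these brands at all
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not on_legit_domain(sender):
        reasons.append(f"brand named but sender domain is {sender or 'missing'}")
    if LURE.search(text):
        reasons.append("billing-failure or suspension lure")
    # A legit name used as a prefix (lattice.com.<other>) still fails this check.
    bad = sorted({h.lower() for h in URL.findall(text) if not on_legit_domain(h)})
    if bad:
        reasons.append("links leave vendor domains: " + ", ".join(bad))
    # Hypothetical weights: one reason alone contributes little.
    return {0: 0, 1: 1, 2: 3, 3: 5}[len(reasons)], reasons

# Constructed samples (not real mail).
PHISH = ("From: Lattice Billing <billing@lattice-hq-billing.example>\n"
         "Subject: Payment failed - performance review cycle suspended\n\n"
         "Update your billing: https://lattice.com.portal-restore.example/login\n")
GENUINE = ("From: Lattice <no-reply@latticehq.com>\n"
           "Subject: Your Lattice invoice\n\n"
           "View it at https://lattice.com/settings/billing\n")
```

Calling score_message(PHISH) yields the maximum contribution with three reasons, while score_message(GENUINE) contributes nothing.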
False-positive guard
Every signal in Gorganizer feeds a multi-module score — never a sole verdict. This is a threat-tier signal — it adds a strong contribution to the trash score. The full pipeline still requires convergence across multiple modules + a margin over the safety floor before deletion happens, and Gmail's trash (30-day recovery) is always used — never permanent delete.
About the scoring engine
Gorganizer's scoring engine emits over 1,800 signals across six modules — headers, sender, subject, body, attachments, and structural metadata. Every email is scored by every module independently; the final verdict requires multiple modules to agree and the trash score to beat the safety floor by a margin.
Sacred safety guards — never delete starred emails, replies, calendar invites, receipts/invoices, or attachments — apply unconditionally regardless of any signal.