publishing date icon
January 5, 2024
read time icon
5 min. read

Threat feed week 1: Paramount+, Netflix, and Apple impersonations

Post hero image

Table of contents

share this post

Paramount+ impersonation

Hox rating: ★★★✩

Threat type: Advanced campaign

Payload: Malicious link

Region: Global

Date: 03.01.2024

In this phishing email, the attacker gets the recipient's attention by claiming that they have been rewarded a free 90-day period of Paramount+ services as part of their "loyalty program".

Paramount+ impersonation

The link to 'extend' the membership actually leads to a credential harvester.

Analyst: Wivi Koenkytö

SharePoint + YouTube impersonation

Hox rating: ★★✩✩

Threat type: Bulk phishing

Payload: Malicious link

Region: Global

Date: 03.01.2024

This email impersonates a SharePoint notification and contains a malicious link. Upon clicking, it redirects to YouTube, followed by a prompt asking if you wish to remain on YouTube or proceed to another site, which is malicious.

Analyst: Sampo Lenkola

Apple impersonation

Hox rating: ★★✩✩✩

Threat type: Bulk phishing

Payload: Malicious link

Region: Asia

Date: 03.01.2024

This email is part of a deceptive campaign that impersonates Apple.

Apple impersonation

It contains a link that directs you to a fraudulent Apple website designed to harvest your credentials.

Analyst: Sampo Lenkola

Netflix impersonation

Hox rating: ★★★✩✩

Threat type: Advanced campaign

Payload: Malicious link

Region: Global

Date: 05.01.2024

This email impersonates Netflix, claiming that the recipient's membership is about to expire in "little less than two days".

Netflix impersonation

To renew their subscription, they are urged to click the link which takes them to a malicious website.

Analyst: Siiri L.

S-Pankki impersonation

Hox rating: ★★✩✩

Threat type: Bulk phishing

Payload: Malicious link

Region: Finland

Date: 30.12.2023

This email claims to come from the Finnish bank, S-Pankki, informing the recipient of a new message in their S-Pankki inbox. To view the email, the recipient must click on the malicious link. The visuals of the email seem legitimate enough, but the grammar is quite bad.

S-Pankki impersonation

Analyst: Siiri L.

$3 billion ATM package arrival

Hox rating: ★✩✩✩

Threat type: Bulk phishing

Payload: Pretext

Region: Global

Date: 02.01.2024

This email claims that the recipient is the receiver of a $3 billion fund.

ATM package arrival scam

The recipient is told that in order the access the money, they will need to obtain the "Provision of Affidavit of Claim Certificate". To obtain it, they are told to buy a steam wallet card or Razor Gold Gift which would cost them $85.

Analyst: Siiri L.

Keep up with the threat feed

Don’t miss the next threat feed, and subscribe to our newsletter for the latest feed and cybersecurity content. Stay informed and stay safe!

Subscribe to Threat Feed

Subscribe to Hoxhunt's Threat Feed to get the latest phishing threats delivered to your inbox, every Friday.

Form CTA

Hoxhunt needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.