Electricity Invoice Phishing
Hox rating: ★✩✩✩
Threat type: Bulk phishing
Region: Global
Analyst: Jon Gellin
Date: 14.04.2023
This phishing message, disguised as an electrical invoice notification, seems to be sent from a utility company, informing the recipient of an outstanding bill. The email contains a call to action, urging the user to click a provided link to view and pay the invoice.

But, upon clicking the link, the user is sent to a malicious website designed to harvest sensitive information, such as login credentials and financial data.
Confidential Banking Message Phishing
Hox rating: ★★✩✩
Threat type: Advanced campaign
Region: Nordics
Analyst: Suvi Hakala
Date: 14.04.2023
This phishing email, sent in the name of OP Group, a Finnish bank, claims the recipient received a new confidential message and that they can open it through the included link.
It urges the recipient to click the link within 14 days. But this link leads to a malicious webpage, which harvests the recipient’s banking credentials and sensitive personal data.

The email template was copied from a real confidential email notification, and that's why it looks legitimate. Translating the text into three languages means reaching more potential targets.
Keep up with the threat feed
Don't miss the next threat feed, and subscribe to our newsletter for the latest feed and cybersecurity content. Stay informed and stay safe!