Microsoft QR code impersonation
Hox rating: ★★✩✩
Threat type: Advanced campaign
Payload: Malicious QR code
Region: Global
Analyst: Suvi Hakala
Date: 24.05.2023
This phishing email pretends to be from Microsoft and uses a QR code to deliver the payload. The message claims the recipient must review a security update and perform a security authentication by scanning the QR code.
![From: [COMPANY] Online Notification Microsoft Security Authenticationl Scan Me you are being held responsible to review security [RECPIPIENT.NAME], update as of 01/06/2023. Quickly scan above QR Code with your phone camera. Review security requirements within 4 days of the received date by going to Account manager in the Security Center. [COMPANY]S 2023 Microsoft Corporation. All rights reserved. Privacy Statement](https://assets-global.website-files.com/6130a9118b1be9aebe2c2837/64b12eae023761b2c3bb07db_week21-1.png)
Scanning the code redirects the recipient to a Microsoft credential harvester personalized to look like the actual login page of the company.
DHL delivery fee impersonation
Hox rating: ★✩✩✩
Threat type: Bulk phishing
Payload: Malicious Link
Region: Global
Analyst: Suvi Hakala
Date: 22.05.2023
This phishing email attempts to impersonate the postal service provider DHL. It claims the recipient has a package with unpaid delivery fees and urges them to click the link to pay them.
The link leads to a malicious page that actually charges the recipient a fraudulent delivery fee.
Keep up with the threat feed
Don't miss the next threat feed, and subscribe to our newsletter for the latest feed and cybersecurity content. Stay informed and stay safe!