publishing date icon
June 2, 2023
read time icon
5 min. read

Threat feed week 22: Microsoft impersonations and website registration phishing

Post hero image

Table of contents

share this post

Microsoft QR code phishing email

Hox rating: ★★✩✩

Threat type: Bulk phishing

Payload: Malicious QR code

Region: Global

Analyst: Suvi Hakala

Date: 31.05.2023

Similar to the phishing email from last week, this email attempts to impersonate Microsoft and uses a QR code to deliver the payload. The message claims the recipient has a security alert and must scan the QR code for multi-factor authentication.

Scanning the code redirects the recipient to an unbranded Microsoft credential harvester.

Microsoft email quarantine impersonation

Hox rating: ★★✩✩

Threat type: Advanced campaign

Payload: Malicious link

Region: Global

Analyst: Minna Herlevi

Date: 02.06.2023

This phishing email is impersonating an automated Microsoft email quarantine notification.

It contains a call to action with a short time limit, as the user is asked to take action to prevent service interruption. The payload is a malicious link within the ‘Release’ button.

China Registry service impersonation

Hox rating: ★★✩✩

Threat type: Bulk phishing

Payload: Pretext

Region: Europe

Analyst: Julia Kylmälä

Date: 02.06.2023

The message claims that someone has tried registering a domain resembling the target company’s name in China.

This is a known scheme and will lead to the phisher offering to sell the domain to the recipient instead.

Keep up with the threat feed

Don't miss the next threat feed, and subscribe to our newsletter for the latest feed and cybersecurity content. Stay informed and stay safe!

Subscribe to Threat Feed

Subscribe to Hoxhunt's Threat Feed to get the latest phishing threats delivered to your inbox, every Friday.

Form CTA

Hoxhunt needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.