June 9, 2023

Threat feed week 23: Geek Squad, My eBox, and other service impersonations

Threat Analyst Team

Curiosity-based phishing message

Hox rating: ★★✩✩

Threat type: Bulk phishing

Payload: Malicious link

Region: Global

Analyst: Reetta Sainio

Date: 06.06.2023

While seemingly harmless at first glance, this message masks a harmful phishing campaign. It targets unsuspecting individuals, exploiting their trust and curiosity to lure them into following a link.

Curiosity-based phishing message

Given its seemingly non-malicious appearance, the email proves how difficult it can be to spot the threat.

My eBox service impersonation

Hox rating: ★★★✩

Threat type: Advanced campaign

Payload: Malicious link

Region: Belgium

Analyst: Suvi Hakala

Date: 07.06.2023

This email pretends to be from My eBox, a Belgian electronic mailbox for government services. It urges the recipient to click the malicious link and uses forged authority by claiming the recipient has a new message in their secure mailbox.

Belgian My eBox service impersonation phishing message

The sender address is spoofed to look like a legitimate government address, and the payload link uses geotargeting to avoid directing non-Belgian users to the malicious site.

Fake secure internal message notification

Hox rating: ★✩✩✩

Threat type: Bulk phishing

Payload: Malicious link

Region: Global

Analyst: Minna Herlevi

Date: 09.06.2023

This phishing email claims to be a secure internal message. In reality, it comes from a compromised external email account.

Internal secure message phishing email, Office Secure Protect

The button embedded in the email takes the user to an unrelated external website with a credential harvester.
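Because a message like this comes from a real but compromised external mailbox, sender authentication alone will not flag it; what gives it away is the mismatch between the "internal" claim and where the message and its button actually point. The following triage check is an added example, not Hoxhunt's code: the organisation domain `example.com`, the function names and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

ORG_DOMAINS = {"example.com"}  # assumption: the organisation's own mail/web domains
INTERNAL_CLAIM = re.compile(r"\b(secure\s+)?internal\s+message\b", re.I)
HREF = re.compile(r'href="([^"]+)"', re.I)

def in_org(host):
    """True if host is an organisation domain or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in ORG_DOMAINS)

def triage(raw):
    """Return the reasons a message is suspicious (empty list = no hit)."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    reasons = []
    claims_internal = bool(INTERNAL_CLAIM.search(msg.get("Subject", "") + " " + body))
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if claims_internal and not in_org(sender_domain):
        reasons.append("internal claim from external sender: " + sender_domain)
    for url in HREF.findall(body):
        host = urlparse(url).hostname
        if claims_internal and host and not in_org(host):
            reasons.append("internal claim links to external host: " + host)
    return reasons

# Constructed sample messages (not taken from the campaign on this page).
PHISH = """From: "Office Secure Protect" <billing@partner.example.net>
To: user@example.com
Subject: You have a new secure internal message
Content-Type: text/html

<p>Open your message:</p><a href="https://files.example.org/login">View message</a>
"""
LEGIT = """From: IT Helpdesk <helpdesk@example.com>
To: user@example.com
Subject: Secure internal message: maintenance window
Content-Type: text/html

<a href="https://intranet.example.com/notice/42">Read notice</a>
"""

if __name__ == "__main__":
    for name, raw in (("PHISH", PHISH), ("LEGIT", LEGIT)):
        print(name, triage(raw))
```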

Geek Squad subscription renewal notification

Hox rating: ★✩✩✩

Threat type: Bulk phishing

Payload: Malicious phone number

Region: Global

Analyst: Jon Gellin

Date: 09.06.2023

This email is part of a massive surge in phishing campaigns using subscription renewal notifications as a theme. The email pretends to be from Geek Squad, notifying the recipient that their subscription is due for renewal.

Geek Squad subscription renewal notification phish

If the recipient attempts to cancel their subscription by calling the provided number, they're asked to share personal and financial details.
