publishing date icon
June 23, 2023
read time icon
5 min. read

Threat feed week 25: Bitcoin credential harvester, ATG debt collection, and Manchester Court impersonation

Author image
Threat Analyst Team
Post hero image

Table of contents

share this post

Phishing via calendar invite and Bitcoin credential harvester

Hox rating: ★✩✩✩

Threat type: Bulk phishing

Payload: Malicious link

Region: Global

Analyst: Suvi Hakala

Date: 19.06.2023

This phishing email delivers its payload with an attached calendar invite. The message has an empty body, forcing the recipient to import the invite to see what the email is about.

The invite contains a link to a malicious Bitcoin site with a credential harvester.

ATG Credit debt collection impersonation

Hox rating: ★★✩✩

Threat type: Advanced campaign

Payload: Pretext

Region: Europe

Analyst: Reetta Sainio

Date: 21.06.2023

We identified a recent phishing campaign, where a suspicious email claiming to be from ATG Collections, a debt collection agency, targeted recipients with a fake unpaid invoice message. The email, written in Dutch, aimed to create a sense of urgency, a common tactic in phishing attacks.

Phishing via calendar invite and Bitcoin credential harvester

Telltale signs of malicious intent included the mismatched email domain and the language of the email, as ATG Credit primarily communicates in English and Spanish, making a Dutch email highly suspicious.

Manchester Magistrates' Court impersonation and identity theft cash settlement

Hox rating: ★★✩✩

Threat type: Bulk phishing

Payload: Pretext

Region: Global

Analyst: Julia Kylmälä

Date: 22.06.2023

The email claims to be from a magistrate’s office, offering a settlement amount of money from an identity theft case. This is a known phishing pretext, as the scam is well known.

In this case, the attacker uses a domain that looks similar to the real thing—typosquatting or flash attack—to lend authenticity to the email.

Keep up with the threat feed

Don't miss the next threat feed, and subscribe to our newsletter for the latest feed and cybersecurity content. Stay informed and stay safe!

Subscribe to All Things Human Risk

Subscribe to our newsletter for a curated digest of the latest news, articles, and resources on human risk and evolving phishing threats in the ever-changing landscape.

Hoxhunt needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.