Phishing via calendar invite and Bitcoin credential harvester
Hox rating: ★✩✩✩
Threat type: Bulk phishing
Payload: Malicious link
Region: Global
Analyst: Suvi Hakala
Date: 19.06.2023
This phishing email delivers its payload with an attached calendar invite. The message has an empty body, forcing the recipient to import the invite to see what the email is about.
The invite contains a link to a malicious Bitcoin site with a credential harvester.
ATG Credit debt collection impersonation
Hox rating: ★★✩✩
Threat type: Advanced campaign
Payload: Pretext
Region: Europe
Analyst: Reetta Sainio
Date: 21.06.2023
We identified a recent phishing campaign, where a suspicious email claiming to be from ATG Collections, a debt collection agency, targeted recipients with a fake unpaid invoice message. The email, written in Dutch, aimed to create a sense of urgency, a common tactic in phishing attacks.
Telltale signs of malicious intent included the mismatched email domain and the language of the email, as ATG Credit primarily communicates in English and Spanish, making a Dutch email highly suspicious.
Manchester Magistrates' Court impersonation and identity theft cash settlement
Hox rating: ★★✩✩
Threat type: Bulk phishing
Payload: Pretext
Region: Global
Analyst: Julia Kylmälä
Date: 22.06.2023
The email claims to be from a magistrate’s office, offering a settlement amount of money from an identity theft case. This is a known phishing pretext, as the scam is well known.
In this case, the attacker uses a domain that looks similar to the real thing—typosquatting or flash attack—to lend authenticity to the email.
Keep up with the threat feed
Don't miss the next threat feed, and subscribe to our newsletter for the latest feed and cybersecurity content. Stay informed and stay safe!