publishing date icon
July 21, 2023
read time icon
5 min. read

Threat feed week 29: Dropbox, Booking.com, and Microsoft impersonations

Post hero image

Table of contents

share this post

Dropbox service impersonation

Hox rating: ★★✩✩

Threat type: Bulk phishing

Payload: Malicious attachment

Region: Europe

Analyst: Julia Kylmälä

Date: 17.07.2023

The email claims to be from Dropbox Business, and directs the recipient to download an attachment.

Dropbox service impersonation

The attachment is a credential harvester.

Booking.com impersonation

Hox rating: ★★✩✩

Threat type: Advanced

Payload: Malicious link

Region: Global

Analyst: Reetta Sainio

Date: 17.07.2023

This phishing email attempts to impersonate the online travel agency Booking.com, exploiting its reputation to gain the trust of unsuspecting recipients. The email claims the recipient received a travel credit reward expiring shortly and asks them to claim it by clicking the provided link.

Booking.com impersonation

The theme of this phishing campaign is timely with the ongoing summer holidays.

Microsoft impersonation

Hox rating: ★✩✩✩

Threat type: Bulk phishing

Payload: Malicious link

Region: Global

Analyst: Minna Herlevi

Date: 21.07.2023

This phishing email warns the recipient that their Microsoft account's two-factor authentication needs to be updated.

Microsoft impersonation

In the email, the user is repeatedly prompted to update their account to avoid login interruptions. This tactic is commonly used to create a sense of urgency.

Keep up with the threat feed

Don't miss the next threat feed, and subscribe to our newsletter for the latest feed and cybersecurity content. Stay informed and stay safe!

Subscribe to Threat Feed

Subscribe to Hoxhunt's Threat Feed to get the latest phishing threats delivered to your inbox, every Friday.

Form CTA

Hoxhunt needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.