QR code DHL postal service impersonation
Hox rating: ★★✩✩
Threat type: Bulk phishing
Payload: Malicious QR code
Region: Global
Analyst: Suvi Hakala
Date: 21.08.2023
This phishing email attempts to impersonate the postal service provider DHL. It claims they couldn’t deliver a package from the recipient’s client due to an incorrect address.
The recipient is urged to scan the QR code to receive their parcel.
Fake internal storage notification
Hox rating: ★★✩✩
Threat type: Bulk phishing
Payload: Malicious link
Region: Global
Analyst: Suvi Hakala
Date: 21.08.2023
This phishing email looks like an internal notification informing the recipient their mailbox storage is full.
The sender domain is spoofed to look like the email is sent from an internal admin address. The payload is hosted on the domain cloudflare-ipfs.com, which is registered by Cloudflare.
DocuSign impersonation
Hox rating: ★★✩✩
Threat type: Bulk phishing
Payload: Malicious link
Region: Global
Analyst: Minna Herlevi
Date: 25.08.2023
This phishing email impersonates DocuSign, informing the recipient they have a completed document. The body of the email consists of an image to make it look like a legitimate DocuSign notification.
When hovering over the image, the malicious link becomes visible—it uses an open redirect through Baidu to lead the victim to the actual payload.
Keep up with the threat feed
Don't miss the next threat feed, and subscribe to our newsletter for the latest feed and cybersecurity content. These are selected from the latest phishing attacks reported by the global Hoxhunt human threat detection network. Stay informed and stay safe!