Danske Bank impersonation
“Danske Bank : ID05838456765-744326FI”
Hox rating: ★★✩✩
Threat type: Bulk phishing
Payload: Malicious link
Region: Finland
Date: Feb. 12, 2024
In this phishing email the attacker impersonates Danske Bank and creates a sense of false urgency with bogus information security measures in order to get the recipient's banking details:
"In accordance with our online security measures, from 1.2.2024 this year, all cards will be blocked from using online payments, until you enter the blocked ones into our security. Activate it by following these simple steps:"
Analyst: Wivi Koenkytö
Finnish Tax Administration impersonation
"Kiireellinen tiedote: Verotietojen päivityspyyntö" TRANSLATION: “Urgent notice: tax information update request”
Hox rating: ★★✩✩
Threat type: Bulk phishing
Payload: Malicious link
Region: Finland
Date: Feb. 09, 2024
In this phishing email, the attacker interestingly uses Otter(.)ai in sending the malicious content to the recipient. Otter is company that provides applications that transcribes meetings from speech to text by using AI and machine learning. As this is a legitimate service, it has been taken advantage to pass spam filters in email boxes.
TRANSLATION FROM FINNISH: "Dear taxpayer, We would like to inform you that you have received a new message regarding a possible tax penalty. In order to be able to get comprehensive information about the message and investigate the matter in more detail, we ask you to log in to your personal online account. Click to see the message on the official website personal tax [MALICIOUS LINK] Best regards, Finnish Tax Administration"
Analyst: Wivi Koenkytö
Die Post impersonation
“Sie haben (1) ein Paket, das sich im Die Post Distributionszentrum befindet!!!”
TRANSLATION: "You have (1) a package that is in the Die Post distribution center. Use your barcode to track and receive your package."
Hox rating: ★★✩✩
Threat type: Bulk phishing
Payload: Malicious link
Region: Europe
Date: Feb. 12, 2024
Die Post is a Swiss postal service whose well-known and trusted brand is impersonated in this phishing email by an attacker seeking the recipient's credentials. The recipient is told that they can track and receive their 'package' by using the given barcode. The link to track the 'package is actually a link to a credential harvester.
Analyst: Wivi Koenkytö
FedEX impersonation
"Verfolgen Sie Ihre Sendung" TRANSLATION: Track your shipmenT
Hox rating: ★★✩✩
Threat type: Bulk phishing
Payload: Malicious link
Region: Central Europe
Date: Feb. 13, 2024
In this phishing email, the attacker impersonates FedEx in order to steal the recipient's banking details.
"The package sent to you has been delivered to FedEx and should be delivered within 48 hours. Please confirm the payment (4.99 euros) via the link below within a maximum of 14 days before expiry."
Analyst: Wivi Koenkytö
Keep up with the threat feed
Don’t miss the next threat feed, and subscribe to our newsletter for the latest feed and cybersecurity content. Stay informed and stay safe!