Phishers use QR codes to target companies in various industries

2023-08-17 09:31

A phishing campaign using QR codes has been detected targeting various industries, with the aim to acquire Microsoft credentials.

"The most notable target, a major Energy company based in the US, saw about 29% of the over 1000 emails containing malicious QR codes. Other top 4 targeted industries include Manufacturing, Insurance, Technology, and Financial Services seeing 15%, 9%, 7%, and 6% of the campaign traffic respectively," said Nathaniel Raymond, cyber threat intelligence analyst at Cofense.

Most of the embedded QR codes lead to Bing redirect URLs.

"Abusing trusted domains, using obfuscation tactics, coupled with hiding the URLs inside QR codes embedded into a PNG or PDF attachment, helps ensure that emails bypass security and make it into inboxes," Raymond noted.

What makes QR codes practical for threat actors is the fact that they can hide malicious links or can be hidden within images, allowing them to bypass email scanning solutions.

"While automation such as QR scanners and image recognition can be the first line of defense, it is not always guaranteed that the QR code will be picked up. Especially if it's embedded into a PNG or PDF file," said Raymond.

News URL

https://www.helpnetsecurity.com/2023/08/17/qr-codes-phishing/

#phisher #QR #qrcode