Security News
85% of phishing emails utilized malicious links in the content of the email, and spam emails increased by 30% from Q1 to Q2 2023, according to a VIPRE report. Information technology organizations also overtook financial institutions as the most targeted sector for phishing in Q2 as compared to VIPRE's previous quarterly report.
Cofense, a U.S.-based email security company, released a new report about a massive QR code phishing campaign that targets numerous industries. QR codes are not often used in phishing campaigns; cybercriminals tend to use them more in day-to-day life, leaving QR codes in different places so curious people will scan them and possibly get scammed or infected by malware.
A phishing campaign using QR codes has been detected targeting various industries, with the aim to acquire Microsoft credentials. "The most notable target, a major Energy company based in the US, saw about 29% of the over 1000 emails containing malicious QR codes. Other top 4 targeted industries include Manufacturing, Insurance, Technology, and Financial Services seeing 15%, 9%, 7%, and 6% of the campaign traffic respectively," said Nathaniel Raymond, cyber threat intelligence analyst at Cofense.
A phishing campaign was observed predominantly targeting a notable energy company in the US, employing QR codes to slip malicious emails into inboxes and bypass security. According to Cofense, who spotted this campaign, this is the first time that QR codes have been used at this scale, indicating that more phishing actors may be testing their effectiveness as an attack vector.
As QR codes continue to be heavily used by legitimate organizations-from Super Bowl advertisements to enforcing parking fees and fines, scammers have crept in to abuse the very technology for their nefarious purposes. A woman in Singapore reportedly lost $20,000 after using a QR code to fill out a "Survey" at a bubble tea shop, whereas cases of fake car parking citations with QR codes targeting drivers have been observed in the U.S. and the U.K. Striking while you're asleep.
The rise of QR scan scams: Since October 2022, HP has seen almost daily QR code "Scan scam" campaigns. These scams trick users into scanning QR codes from their PCs using their mobile devices - potentially to take advantage of weaker phishing protection and detection on such devices.
The number of eggs you get from a laying bird their size and quality changes significantly. Such birds are not considered "Cosmetically viable" or "Not worth the feed" you can by these hens at livestock markets for eating or pets, make sure you make clear what you want it for, othereise they might wring the birds neck as a service.
In this Help Net Security video, Security Consultant Kam Talebzadeh and Senior Security Researcher Nevada Romsdahl from Secureworks, showcase SquarePhish, a tool that combines QR codes and OAuth 2.0 device code flow for advanced phishing attacks. If you're at Black Hat USA 2022, you can learn more about SquarePhish.
Chinese web giant Tencent has admitted to a significant account hijack attack on its QQ.com messaging and social media platform. In a post to rival social media platform Sina Weibo - a rough analog of Twitter - Tencent apologized for the incident.
Is there such a thing as moving or animated QR codes? And could they work? The GIF shown below contains an animated QR code with moving frames that some might recognize-a sequence from Rick Astley's famous Never Gonna Give You Up music video.