Security News

A phishing campaign using QR codes has been detected targeting various industries, with the aim to acquire Microsoft credentials. "The most notable target, a major Energy company based in the US, saw about 29% of the over 1000 emails containing malicious QR codes. Other top 4 targeted industries include Manufacturing, Insurance, Technology, and Financial Services seeing 15%, 9%, 7%, and 6% of the campaign traffic respectively," said Nathaniel Raymond, cyber threat intelligence analyst at Cofense.

A phishing campaign was observed predominantly targeting a notable energy company in the US, employing QR codes to slip malicious emails into inboxes and bypass security. According to Cofense, who spotted this campaign, this is the first time that QR codes have been used at this scale, indicating that more phishing actors may be testing their effectiveness as an attack vector.

As QR codes continue to be heavily used by legitimate organizations-from Super Bowl advertisements to enforcing parking fees and fines, scammers have crept in to abuse the very technology for their nefarious purposes. A woman in Singapore reportedly lost $20,000 after using a QR code to fill out a "Survey" at a bubble tea shop, whereas cases of fake car parking citations with QR codes targeting drivers have been observed in the U.S. and the U.K. Striking while you're asleep.

The rise of QR scan scams: Since October 2022, HP has seen almost daily QR code "Scan scam" campaigns. These scams trick users into scanning QR codes from their PCs using their mobile devices - potentially to take advantage of weaker phishing protection and detection on such devices.

The number of eggs you get from a laying bird their size and quality changes significantly. Such birds are not considered "Cosmetically viable" or "Not worth the feed" you can by these hens at livestock markets for eating or pets, make sure you make clear what you want it for, othereise they might wring the birds neck as a service.

In this Help Net Security video, Security Consultant Kam Talebzadeh and Senior Security Researcher Nevada Romsdahl from Secureworks, showcase SquarePhish, a tool that combines QR codes and OAuth 2.0 device code flow for advanced phishing attacks. If you're at Black Hat USA 2022, you can learn more about SquarePhish.

Chinese web giant Tencent has admitted to a significant account hijack attack on its QQ.com messaging and social media platform. In a post to rival social media platform Sina Weibo - a rough analog of Twitter - Tencent apologized for the incident.

Is there such a thing as moving or animated QR codes? And could they work? The GIF shown below contains an animated QR code with moving frames that some might recognize-a sequence from Rick Astley's famous Never Gonna Give You Up music video.

QR codes have become ubiquitous, driven to even wider use by pandemic concerns. Lots of restaurants now offer their menu through QR codes, sometimes only on QR codes.

They're stealing Citi Bikes by switching the QR scan codes on two bicycles near each other at a docking station, then waiting for an unsuspecting cyclist to try to unlock a bike with his or her smartphone app. The app doesn't work for the rider but does free up the nearby Citi Bike with the switched code, where a thief is waiting, jumps on the bicycle and rides off.