Security News

QR code attacks target organizations in ways they least expect
2024-02-13 04:00

QR code attacks are the latest evolution of traditional phishing, where threat actors use social engineering to manipulate targets into interacting with malicious QR codes. While every employee is at risk, C-Suite executives were 42 times more likely to receive QR code attacks than the average employee.

Spam is up, QR codes emerge as a significant threat vector
2023-09-04 04:30

85% of phishing emails utilized malicious links in the content of the email, and spam emails increased by 30% from Q1 to Q2 2023, according to a VIPRE report. Information technology organizations also overtook financial institutions as the most targeted sector for phishing in Q2 as compared to VIPRE's previous quarterly report.

Major US Energy Company Hit by QR Code Phishing Campaign
2023-08-24 21:29

Cofense, a U.S.-based email security company, released a new report about a massive QR code phishing campaign that targets numerous industries. QR codes are not often used in phishing campaigns; cybercriminals tend to use them more in day-to-day life, leaving QR codes in different places so curious people will scan them and possibly get scammed or infected by malware.

Phishers use QR codes to target companies in various industries
2023-08-17 09:31

A phishing campaign using QR codes has been detected targeting various industries, with the aim to acquire Microsoft credentials. "The most notable target, a major Energy company based in the US, saw about 29% of the over 1000 emails containing malicious QR codes. Other top 4 targeted industries include Manufacturing, Insurance, Technology, and Financial Services seeing 15%, 9%, 7%, and 6% of the campaign traffic respectively," said Nathaniel Raymond, cyber threat intelligence analyst at Cofense.

Major U.S. energy org targeted in QR code phishing attack
2023-08-16 14:16

A phishing campaign was observed predominantly targeting a notable energy company in the US, employing QR codes to slip malicious emails into inboxes and bypass security. According to Cofense, who spotted this campaign, this is the first time that QR codes have been used at this scale, indicating that more phishing actors may be testing their effectiveness as an attack vector.

QR codes used in fake parking tickets, surveys to steal your money
2023-05-08 15:32

As QR codes continue to be heavily used by legitimate organizations-from Super Bowl advertisements to enforcing parking fees and fines, scammers have crept in to abuse the very technology for their nefarious purposes. A woman in Singapore reportedly lost $20,000 after using a QR code to fill out a "Survey" at a bubble tea shop, whereas cases of fake car parking citations with QR codes targeting drivers have been observed in the U.S. and the U.K. Striking while you're asleep.

Threat actors are experimenting with QR codes
2023-03-21 04:30

The rise of QR scan scams: Since October 2022, HP has seen almost daily QR code "Scan scam" campaigns. These scams trick users into scanning QR codes from their PCs using their mobile devices - potentially to take advantage of weaker phishing protection and detection on such devices.

QR Code Scam
2022-12-28 18:14

The number of eggs you get from a laying bird their size and quality changes significantly. Such birds are not considered "Cosmetically viable" or "Not worth the feed" you can by these hens at livestock markets for eating or pets, make sure you make clear what you want it for, othereise they might wring the birds neck as a service.

SquarePhish: Advanced phishing tool combines QR codes and OAuth 2.0 device code flow
2022-08-11 04:30

In this Help Net Security video, Security Consultant Kam Talebzadeh and Senior Security Researcher Nevada Romsdahl from Secureworks, showcase SquarePhish, a tool that combines QR codes and OAuth 2.0 device code flow for advanced phishing attacks. If you're at Black Hat USA 2022, you can learn more about SquarePhish.

Tencent admits to poisoned QR code attack on QQ chat platform
2022-06-28 04:31

Chinese web giant Tencent has admitted to a significant account hijack attack on its messaging and social media platform. In a post to rival social media platform Sina Weibo - a rough analog of Twitter - Tencent apologized for the incident.