Cofense told how a harmless tool makes life easier not only for us, but also for scammers.
Specialists from Cofense discovered a large-scale phishing campaign using malicious QR codes. The codes that attackers distribute via emails redirect victims to a fake site. Next, users are prompted to enter their Microsoft credentials.
The goal of hackers is to obtain passwords from employees of large companies, in particular, from the US energy industry. According to expert Nathaniel Raymond, 29% of tracked emails lead to a specific American firm, but its name was not disclosed.
QR codes became popular during the COVID-19 pandemic, when many establishments switched to an online menu and began checking electronic certificates. We are accustomed to scanning them under any pretext, without thinking about the risks. Hackers quickly adapted to the new trend and began to use it for their own purposes.
The scammers encrypted the phishing links in such a way that they appeared to be legitimate. This made QR codes easier to pass through spam filters than direct links.
According to Raymond, the scale of the campaign is constantly growing - by 270% per month. So far, a specific grouping has not been calculated.
Expert Avishai Avivi stressed that the Cofense report shows an alarming trend. Many applications and even security services also use QR codes.
In addition to the energy sector, emails with phishing QR codes were received by companies in other industries: 15% - the manufacturing industry, as well as enterprises in the insurance, technology and financial sectors. Analysts believe that the actual number of organizations attacked could be much higher.
Users are advised to exercise caution when scanning QR codes, especially from messages with suspicious topics. The management of large companies should tighten the filtering of letters and monitoring of cyber threats.
Such attacks are a relatively new but effective method of phishing. There are likely to be more campaigns using this trick in the near future.
Specialists from Cofense discovered a large-scale phishing campaign using malicious QR codes. The codes that attackers distribute via emails redirect victims to a fake site. Next, users are prompted to enter their Microsoft credentials.
The goal of hackers is to obtain passwords from employees of large companies, in particular, from the US energy industry. According to expert Nathaniel Raymond, 29% of tracked emails lead to a specific American firm, but its name was not disclosed.
QR codes became popular during the COVID-19 pandemic, when many establishments switched to an online menu and began checking electronic certificates. We are accustomed to scanning them under any pretext, without thinking about the risks. Hackers quickly adapted to the new trend and began to use it for their own purposes.
The scammers encrypted the phishing links in such a way that they appeared to be legitimate. This made QR codes easier to pass through spam filters than direct links.
According to Raymond, the scale of the campaign is constantly growing - by 270% per month. So far, a specific grouping has not been calculated.
Expert Avishai Avivi stressed that the Cofense report shows an alarming trend. Many applications and even security services also use QR codes.
In addition to the energy sector, emails with phishing QR codes were received by companies in other industries: 15% - the manufacturing industry, as well as enterprises in the insurance, technology and financial sectors. Analysts believe that the actual number of organizations attacked could be much higher.
Users are advised to exercise caution when scanning QR codes, especially from messages with suspicious topics. The management of large companies should tighten the filtering of letters and monitoring of cyber threats.
Such attacks are a relatively new but effective method of phishing. There are likely to be more campaigns using this trick in the near future.
