A recent phishing campaign utilizing QR codes has targeted a major US-based energy company and has seen a 2400% increase in volume since its inception in May 2023. The campaign involves sending emails posing as Microsoft security, containing QR codes that redirect users to seemingly legitimate domains. However, attackers weaponize these domains for phishing attacks.
Cybersecurity experts recommend a multi-faceted defense approach. This includes QR code scanners and user education to counter this still-emerging threat.
Why it matters: This phishing campaign’s innovative use of QR codes shows us once again that cybercriminals will continue to shift tactics. Exploiting users’ trust in familiar technology, making them more susceptible to phishing. Recognizing that not all security controls can identify malicious QR codes, organizations must not assume their security measures are sufficient. Encouraging employees not to scan QR codes from unsolicited emails is crucial in safeguarding both corporate and individual security.
- Cofense, a cybersecurity company, reveals that the energy sector was the target of over 29% of the malicious emails, surpassing a total of 1000. The campaign also impacted other industries, including manufacturing, insurance, technology, and financial services.
- Phishing emails lead users to apparently genuine domains like Bing and Salesforce, which have been turned into tools for the attacks. This approach has a twofold intention: it leverages users’ confidence in reputable platforms to make the scam more believable and redirects victims to these trustworthy domains, creating a misleading sense of security. As a result, it becomes notably difficult for individuals to recognize the deceitful character of the emails.
- The attack’s psychological aspect is important as it exposes cybercriminals’ exploitation of both technological weaknesses and the human element in cybersecurity. Users tend to be less cautious and more obedient when they perceive interactions with trusted sources.
Go Deeper —> QR Code Campaign Targets Major Energy Firm – Infosecurity Magazine