Curated Content | Thought Leadership | Technology News

Search
Close this search box.

Sign In

Curated Content | Thought Leadership | Technology News

Targeted Phishing Campaign: Don’t Take the Bait

Coming to an email near you.
Eric Slorahn
Eric Slorahn
Contributing Writer

A recent phishing campaign utilizing QR codes has targeted a major US-based energy company and has seen a 2400% increase in volume since its inception in May 2023. The campaign involves sending emails posing as Microsoft security, containing QR codes that redirect users to seemingly legitimate domains. However, attackers weaponize these domains for phishing attacks.

Cybersecurity experts recommend a multi-faceted defense approach. This includes QR code scanners and user education to counter this still-emerging threat.

Why it matters: This phishing campaign’s innovative use of QR codes shows us once again that cybercriminals will continue to shift tactics. Exploiting users’ trust in familiar technology, making them more susceptible to phishing. Recognizing that not all security controls can identify malicious QR codes, organizations must not assume their security measures are sufficient. Encouraging employees not to scan QR codes from unsolicited emails is crucial in safeguarding both corporate and individual security.

  • Cofense, a cybersecurity company, reveals that the energy sector was the target of over 29% of the malicious emails, surpassing a total of 1000. The campaign also impacted other industries, including manufacturing, insurance, technology, and financial services.
  • Phishing emails lead users to apparently genuine domains like Bing and Salesforce, which have been turned into tools for the attacks. This approach has a twofold intention: it leverages users’ confidence in reputable platforms to make the scam more believable and redirects victims to these trustworthy domains, creating a misleading sense of security. As a result, it becomes notably difficult for individuals to recognize the deceitful character of the emails.
  • The attack’s psychological aspect is important as it exposes cybercriminals’ exploitation of both technological weaknesses and the human element in cybersecurity. Users tend to be less cautious and more obedient when they perceive interactions with trusted sources.

Go Deeper —> QR Code Campaign Targets Major Energy Firm – Infosecurity Magazine

Save

Save

Sign in to comment

×
You have free article(s) left this month courtesy of CIO Partners.

About TNCR

Manage My Account

Sign In

Profile

Saved Articles

Explore TNCR

STAY IN TOUCH

NationalCIOReview.com Copyright (c) 2024 All Rights Reserved.

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Would You Like To Save Articles?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Save My Spot For TNCR LIVE!

Thursday April 18th

9 AM Pacific / 11 PM Central / 12 PM Eastern

Register for Unlimited Access

Already a member?

Digital Monthly

$12.00/ month

Billed Monthly

Unlimited Access

Digital Annual

$10.00/ month

Billed Annually

Unlimited Access

Learn More

45 - 9x5
55 CIOs On the Move
DHS, Four Seasons Hotels, Kohl's, and New Haven, Connecticut.

Would You Like To Save Books?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Log In To Access Premium Features

Sign Up For A Free Account

Please enable JavaScript in your browser to complete this form.
Name
Newsletters