In today’s world of the increasing need for immediate interaction the Quick Response (QR) Code is indispensable for seamless interactions. We see these codes everywhere, from making Venmo payments, accessing menus, and reaching websites. However, they are now known as a source for sophisticated cyber attackers that exploit unsuspecting individuals by using trust in our technology.
Check Point's Harmony Email team has reported a significant increase in QR code phishing attacks, with a 587% spike observed from August to September 2023. These attacks, known as quishing and QRLJacking, involve QR codes that redirect victims to malicious websites aimed at stealing login information.
Attackers are sending emails with QR codes that falsely claim users need to re-authenticate due to expiring Microsoft multi-factor authentication. By mimicking Microsoft's security alert in the email body and using a different sender's address, attackers intentionally mislead victims. This social engineering tactic capitalizes on the trust placed in QR codes and the regularity of security updates.
The below request to set up 2FA authentication has a convincing appearance with a sense of urgency to do it in two days to avoid being locked out. The visual formatting, the stolen use of a trusted logo, and the message look real.
The widespread use of QR codes in the U.K and Europe makes them an attractive target for exploitation. In fact, nearly 87% of smartphone users in these regions have interacted with a QR code, with over a third doing so weekly. This prevalence makes QR codes a prime vector for attackers to carry out their malicious activities.
Relevance
Phishing Campaigns
Recommendations
User Awareness Training
NEVER scan a QR code from an unfamiliar source.
Verify the source before scanning, just as you should with an email attachment.
Confirm through separate communication with the sender for validation.
Report any suspicious activity.
Reference
1. QR Code-based Phishing Attains 587% Hike, Reports Check Point. (2023, October 30). Cyware Labs. https://cyware.com/news/qr-code-based-phishing-attains-587-hike-reports-check-point-3b4b2667
2. The Rise in QR Code Attacks. (2023, October 26). Avanan: A CheckPoint Company. https://www.avanan.com/blog/the-rise-in-qr-code-attacks
How can CyberForce|Q services help you address this risk?
Incident Response is a time-based situation and CyberForce|Q can assist with a potential incident in your environment. Our experienced Incident Response Team can be deployed 24x7x365 – reach out to solutions@cyberforceq.com.
Learn more about CyberForce|Q.