Search This Blog

Yet Another Phishing Campaign by Hackers That Abuses QR Codes To Redirect Targets to Phishing Landing Pages

Phishing security controls fully bypassed using QR Codes.


 Attackers come up with yet another phishing campaign that misuses QR codes to divert the targets to phishing landing pages. Researchers responsible for discovering this crusade distinguished that it quite effectively evades security solutions and controls intended to stop such attacks in their tracks.

The attackers previously utilized a URL encoded in a QR code target on the French Cofense customers to dodge the security software which dissects and accordingly blocks  suspicious or 'blacklisted areas' .

They even included a GIF image containing the QR code which would redirect them to the hxxps://digitizeyourart.whitmers[.]com/wp-content/plugins/wp-school/Sharepoint/sharepoint/index.php domain intended to act like a SharePoint-related site.

The phishing mails were disguised as a SharePoint email with a "Review Important Document" headline and a message body which would welcome potential victims to  "Scan Bar Code to View Document."
Phishing Email

Removing the victims from the overall safety of their computers thusly enables the cybercriminals to adequately sidestep any link protection services ,secure email portals, sandboxes, or web content filters set up by the targets' corporate information security department.

To make the attack considerably progressively fruitful against mobile users, the attackers have likewise upgraded their landing pages for smartphones with the phishing page and thus providing a custom view on the mobile devices.

Phishing landing page
Researchers from Cofense, the leading provider of human-driven phishing defense solutions world-wide, state that QRishing is a fairly notable technique utilized by cybercriminals to abstain from phishing filters and security solutions build especially to block such attacks before the pernicious emails reach the targets' inboxes.

Phishing landing page on a mobile

Along these lines , a conceivable protection against them named QRCS (Quick Response Code Secure), which would be "a universal efficient and effective solution focusing exclusively on the authenticity of the originator and consequently the integrity of QR code by using digital signatures, “was proposed in a paper from the Carnegie Mellon University's CyLab Study , which could perhaps prove to be valuable later on in the future.

Share it:

cybercriminals

phishing

Phishing emails

URL