Researchers discovered an email-based phishing scam: emails containing QR codes for pilfering users’ Microsoft details and other data.

Between September 15 and October 13, Abnormal reported that it warded off 200 emails that constituted the phishing scam.

Hackers tried to deceive unaware users with messages having QR codes, which seemed to offer access to a missed voicemail.

On clicking the voicemail, the user is tricked by what appears to be playing the message, but the user is directed to a false Microsoft landing page that seeks victims credentials.

A legitimacy appearance to emails containing QR codes

Hackers use compromised Outlook accounts to give phishing emails a semblance of legitimacy.

They used enterprise survey services linked to Amazon and Google IP addresses to host the phishing pages.

QR images were generated on the same day that emails were sent. Most likely, to evade reporting and blocking by the security system.

Stealing cryptocurrency via fake QR codes

Many people transact their crypto via QR codes linked to crypto accounts. Here are some tricks hackers used in the past to extract cryptocurrency from people from the article

  • “In August, scammers were found requesting money from users by asking them to pay a visit to a Bitcoin ATM at a gas station equipped with a rogue QR code. A variety of similar incidents, including utility services and employment offers, among others, were brought to notice by Better Business Bureau.
  • Last year, a scammer introduced a network of fake bitcoin QR code generators to trick people out of their bitcoins.”