Phishing attackers have found a new method to infiltrate their targets. In an unprecedented move, a major U.S. energy company was subjected to a QR code phishing attack that utilized QR codes to bypass traditional email security tools.
The QR Code Phishing Attack: Details and Scope
Out of 1,000 malicious emails, 29% were directed at this specific energy giant, while the remaining attacks were aimed at manufacturing firms (15%), insurance companies (9%), tech businesses (7%), and financial services providers (6%).
Cofense, the cybersecurity company that discovered this assault, has pointed out that this is the first time QR codes have been employed at this level, indicating that other cybercriminals may soon follow suit.
The Victim of QR Code Phishing Attack
Though the name of the targeted company has not been disclosed, it has been described as a “major” U.S.-based entity in the energy sector.
How the QR Codes Were Used in Phishing
The attack began with an email, urging the recipient to update their Microsoft 365 account settings. Each email contained either a PNG or PDF attachment with a QR code, urging the recipient to scan it within 2-3 days, creating a sense of urgency.
What makes this attack unique is the use of QR codes embedded in images, allowing them to sneak past email security tools scanning for known malicious links.
To further evade security, the QR codes in this attack utilized redirects through Bing, Salesforce, and Cloudflare’s Web3 services, guiding the targets to a fraudulent Microsoft 365 page.
Previous Instances of QR Code Phishing Attack
QR codes have been employed in phishing before, but on a smaller scale. Previous attempts have been made in France and Germany. Here criminals have used QR codes to direct victims to websites designed to steal money.
The FBI gave warning earlier, in January 2022, of an increase in the use of QR codes by cybercriminals. This is to snatch credentials and financial information.
The Challenges and Solutions of QR Code Phishing Attack
While QR codes can bypass protections, they still require the victim’s action. This makes well-trained staff a crucial factor in preventing successful attacks. Modern smartphones usually prompt users to verify the destination URL before launching the browser, adding a layer of defense.
Cofense also advocates for the use of image recognition tools in phishing protection measures. Although they admit that these tools are not foolproof against all QR code threats.
Conclusion
This recent incident underscores the innovative and evolving tactics used by cybercriminals. It’s a stark reminder that security measures must adapt and evolve to counter these emerging threats.
By targeting a major energy company in the U.S., the attackers have sent a clear message. It is about the scale and sophistication of their operations. The introduction of QR codes in phishing is an alarming development. It calls for immediate attention and action from both individuals and organizations.
In a world where cyber threats continue to evolve, staying informed and vigilant is more critical than ever. The integration of education, technology, and awareness can form a robust defense against the ever-adaptive landscape of cybercrime.
