In a world where cyber threats lurk behind every click, a recent large-scale phishing campaign has caught the attention of cybersecurity researchers at Cofense. The campaign, which targeted a significant U.S. energy company among others, stood out due to its unique use of QR codes to bypass email security measures.
Phishing, the deceptive practice of sending emails purporting to be from reputable companies to induce individuals to reveal personal information, is a primary attack vector. It’s the starting point for nine out of ten cyberattacks. However, over the years, email security solutions have become adept at filtering out such malicious content. This means that most phishing emails, laden with harmful links or attachments, are intercepted before reaching their intended victims. But as the saying goes, necessity is the mother of invention. The increasing effectiveness of email security measures has spurred threat actors to devise innovative methods to slip past these digital gatekeepers.
Enter QR codes. These scannable codes, usually delivered as a .PNG or .JPG image, can redirect a victim to a phishing site while evading detection by security systems, because the destination URL is encoded in the image rather than written in the message as a link a filter can inspect. What’s more, the scale of this particular campaign was noteworthy. Thousands of emails were sent out, a rarity in phishing operations. Cofense reports that the attackers distributed approximately 1,000 emails. Almost a third of these (29%) were aimed at a single, prominent but undisclosed U.S. energy company.
The remaining emails were spread across companies in the manufacturing (15%), insurance (9%), technology (7%), and financial services (6%) sectors. The QR codes used in this campaign led victims to a malicious landing page designed to mimic a Microsoft 365 login page. The objective? To trick users into revealing their login credentials. The email recipients were informed they needed to update their account settings within three days, creating a false sense of urgency.
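A mail-triage heuristic for the pattern described above, as an added example that is not from Cofense or BleepingComputer: it flags a message that carries a PNG/JPG image, has no link in its text for a URL filter to inspect, and sets a short deadline. The sample message, the regular expressions and the `triage` function are assumptions made for illustration, and the check does not decode the QR code itself.

```python
import re
from email import message_from_string

# Constructed sample, not a real campaign email. The base64 part is only the
# PNG file signature, standing in for a QR code image.
SAMPLE = """\
From: it-support@example.com
To: user@example.com
Subject: Action required: update your account settings
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Your Microsoft 365 account settings must be updated within three days.
Use the code below to continue.

--b1
Content-Type: image/png; name="code.png"
Content-Transfer-Encoding: base64
Content-Disposition: inline; filename="code.png"

iVBORw0KGgo=
--b1--
"""

URL_RE = re.compile(r"https?://|www\.", re.I)
DEADLINE_RE = re.compile(r"within\s+(\d+|one|two|three)\s+(days?|hours?)", re.I)

def triage(raw: str) -> dict:
    """Return the heuristic signals for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    text, images = "", 0
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype in ("image/png", "image/jpeg"):
            images += 1
        elif ctype in ("text/plain", "text/html"):
            body = part.get_payload(decode=True) or b""
            text += body.decode(part.get_content_charset() or "utf-8", "replace")
    signals = {
        "image_attached": images > 0,  # QR codes arrive as PNG/JPG
        "no_link_in_text": not URL_RE.search(text),  # nothing for a URL filter
        "deadline_wording": bool(DEADLINE_RE.search(text)),  # "within three days"
    }
    signals["hold_for_review"] = all(signals.values())
    return signals

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A message held by this check still needs the image decoded and the embedded URL inspected before a verdict; the heuristic only decides which messages get that closer look.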
Fortunately, victims still need to take action to fall into the trap, which should be a challenge for well-informed employees. However, recent studies indicate that many workers continue to fall prey to such deceptive and dangerous emails. In this digital age, where cyber threats are constantly evolving, it’s crucial to stay vigilant and informed. And remember, the best firewall is a well-trained employee. Source: BleepingComputer