Researchers from Cofense observed a new phishing campaign that abuses QR codes to redirect users to phishing pages, bypassing security controls that block suspicious or blacklisted domains.
How does it work?
Worth noting
Researchers noted that most smartphone QR code scanner apps instantly redirect users to the malicious website via the phone’s native browser.
“Though the user may now be using their personal device to access the phish, they are still in the “corporate” mindset as the original email was received at their business email address. Therefore, it is highly likely that the victim would input their corporate account credentials to attempt to access this document,” researchers said in a blog.