QR codes, or Quick Response codes, may look simple to use but do you know what is equally simple? To manipulate them for the benefit of miscreants. Recently, researchers uncovered an email-based phishing scam containing QR codes in a bid to steal users’ Microsoft credentials and other data.

What’s happening?

Abnormal reported that it blocked almost 200 emails, between September 15 and October 13, which were part of a phishing campaign.
  • Hackers attempted to lure unsuspecting users with messages containing QR codes offering access to a missed voicemail.
  • While trying to play the voice message, victims get redirected to a fake Microsoft landing page that prompts the victim to give away their credentials.

Evading detection by adding legitimacy

  • Criminals used compromised Outlook accounts to add legitimacy to the phishing emails, which also helped them bypass email security checks.
  • They leveraged enterprise survey services connected to Amazon and Google IP addresses to host the phishing pages.
  • The QR code images were apparently developed the same day of sending emails, most likely to avoid quick reporting and getting blocked by security systems.

Stealing cryptocurrency via fake QR codes

People in large numbers make their crypto transactions via QR codes associated with crypto accounts. Here are some tricks hackers used in the past to extract cryptocurrency from people.
  • In August, scammers were found requesting money from users by asking them to pay a visit to a Bitcoin ATM at a gas station equipped with a rogue QR code. A variety of similar incidents, including utility services and employment offers, among others, were brought to notice by Better Business Bureau.
  • Last year, a scammer introduced a network of fake bitcoin QR code generators to trick people out of their bitcoins.

Safety tips

Sure QR codes helped a lot during the pandemic for contactless payments, but let’s not turn a blind eye to how it can be exploited. If someone happens to scan a bad code, they might end up giving hackers access to the device.
  • One of the top tactics used by scammers for QR codes in public involves tampering with them by placing a new QR code over an original. Watch closely!
  • Wherever a QR code requests for login details, verify the web address. Avoid it, if possible.
  • When dealing with businesses, you can always confirm the code authenticity.

Cyware Publisher