Yet Another Phishing Campaign by Hackers That Abuses QR Codes To Redirect Targets to Phishing Landing Pages
with yet another phishing campaign that misuses QR codes to divert the targets
to phishing landing pages. Researchers responsible for discovering this crusade
distinguished that it quite effectively evades security solutions and controls
intended to stop such attacks in their tracks.
target on the French Cofense customers to dodge the security software which
dissects and accordingly blocks suspicious
or ‘blacklisted areas’ .
would redirect them to the
domain intended to act like a SharePoint-related site.
a “Review Important Document” headline and a message body which would
welcome potential victims to “Scan
Bar Code to View Document.”
computers thusly enables the cybercriminals to adequately sidestep any link
protection services ,secure email portals, sandboxes, or web content filters
set up by the targets’ corporate information security department.
against mobile users, the attackers have likewise upgraded their landing pages
for smartphones with the phishing page and thus providing a custom view on the
|Phishing landing page|
human-driven phishing defense solutions world-wide, state that QRishing is a
fairly notable technique utilized by cybercriminals to abstain from phishing
filters and security solutions build especially to block such attacks before
the pernicious emails reach the targets’ inboxes.
|Phishing landing page on a mobile|
Along these lines , a conceivable protection against them
named QRCS (Quick Response Code Secure), which would be “a universal
efficient and effective solution focusing exclusively on the authenticity of
the originator and consequently the integrity of QR code by using digital signatures,
“was proposed in a paper from the Carnegie Mellon University’s CyLab Study ,
which could perhaps prove to be valuable later on in the future.