Tuesday, July 23, 2024
EHA

Huge Surge in Hackers Exploiting QR code for Phishing Attacks

Phishing has been one of the primary methods threat actors use for impersonating individuals or brands with a sense of urgency that could result in private information being entered on a malicious URL.

Phishing has been set with several preventive measures that block any phishing email inside an organization.

However, with evolving technologies, threat actors have equipped themselves with the right tools that can help them evade any preventive mechanisms and prevent any individuals from giving up their confidential information. One of the latest techniques used by threat actors is Quishing or QR-based phishing

Document
Live Account Takeover Attack Simulation

How do Hackers Bypass 2FA?

Live attack simulation Webinar demonstrates various ways in which account takeover can happen and practices to protect your websites and APIs against ATO attacks.

QR-based Phishing Surges

There has been a big surge in Quishing attacks due to the evasion technique it offers and the success ratio. QRs have boomed in the last three years and are now used in several places, such as MFA, for viewing menus at restaurants, Wi-Fi password scanning, contactless payments, and several other purposes.

This makes QRs more dangerous than usual, as victims have low suspicions of malicious QR codes that can steal confidential information from the victim. Quishing is another important factor that makes it one of the biggest weapons in a threat actor’s arsenal.

When a user receives an email with a malicious QR, he/she scans the QR using their mobile phone, which brings them out of the organization’s security circle since no organization monitors personal mobile phones.

Scanning a malicious QR takes them to a malicious website that impersonates a Microsoft or Google login page, prompting them to enter their credential.

Since QRs have low suspicions among executives, users enter their credentials that provide the threat actor with a valid credential to an organization.

Malicious Quishing email (Source: Abnormal Security)
Malicious Quishing email (Source: Abnormal Security)

C-Suite Targeted High

Though any employee could be a target of a Quishing attack, researchers revealed that C-suite members such as chief executive officer (CEO), Chief financial officer (CFO), Chief operating officer (COO), and Chief information officer (CIO) were highly targeted due to the level of privilege and access they possess.

Quishing Attack ratio (Source: Abnormal Security)
Quishing Attack ratio (Source: Abnormal Security)

Non-C-Suite VIPs, such as executive vice presidents, senior vice presidents, and department heads, were also heavily targeted with Quishing attacks.

Suppose threat actors gain access to one of these high-level credentials. In that case, they can initiate an internal as well as an external fraudulent request that could target many employees inside an organization.

QR-based phishing attacks have been published by Abnormal Security, which provides detailed information about the attack vector, credential compromise, percentage ratio of targets, and other information.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Website

Latest articles

Beware Of Dating Apps Exposing Your Personal And Location Details To Cyber Criminals

Threat actors often attack dating apps to steal personal data, including sensitive data and...

Hackers Abusing Google Cloud For Phishing

Threat actors often attack cloud services for several illicit purposes. Google Cloud is targeted...

Two Russian Nationals Charged for Cyber Attacks against U.S. Critical Infrastructure

The United States has designated Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, two members...

Threat Actors Taking Advantage of CrowdStrike BSOD Bug to Deliver Malware

Threat actors have been found exploiting a recently discovered bug in CrowdStrike's software that...

NCA Shut’s Down the Most Popular “digitalstress” DDoS-for-hire Service

The National Crime Agency (NCA) has successfully infiltrated and dismantled one of the most...

Play Ransomware’s Linux Variant Attacking VMware ESXi Servers

A new Linux variant of Play ransomware targets VMware ESXi environments, which encrypts virtual...

SonicOS IPSec VPN Vulnerability Let Attackers Cause Dos Condition

SonicWall has disclosed a critical heap-based buffer overflow vulnerability in its SonicOS IPSec VPN....
Eswar
Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles