Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label QR Codes. Show all posts

England Fans Warned Over 'Quishing' Scam Ahed of Euro Final

 

England football fans have been urged to be wary of a 'quishing' scam as they gather in pubs to watch the Euro 2024 final against Spain. The duping phenomenon has the potential to be devastating for victims, and it has caught supporters off guard amid scenes of flying beer as fans celebrated achieving Sunday's landmark. In certain places, the scam has already been going on as the national team advanced to the final four. 

And now that England has advanced to the final, fans have been warned to keep an eye out for the scam. It employs the now-familiar digital QR codes, but individuals scanning the code with their phones can also be duped into downloading malicious stuff via fake codes. 

This is not a new thing, but for fans watching the game in pubs, it can be worrying. It combines 'QR codes' and 'phishing'. Fake QR (quick response) codes could imitate an existing code, leading users to download malicious content. According to Cloudflare, their goal is to collect sensitive information such as passwords, financial data, or personally identifying information (PII). A code might also deceive victims when sent as an email or message. 

“Once this sensitive information is captured, attackers can exploit it for various malicious purposes, including identity theft, financial fraud, or ransomware,” Cloudfare added.

QR codes, which emerged during the coronavirus pandemic, were popular as a way to order food or drinks in bars. It may appear harmless, but it means that a once-harmless transaction now involves a possible risk. 

Scammers started using QR codes, which operate by inserting instructions within a black and white dot-based graphic, to trick customers. Smartphones, apps, and scanners transform QR codes into information that people can understand. However, the coders usually direct to websites, links to media, or buttons to download an app. 

According to TitanHQ, an anti-phishing platform, 84% of smartphone users have scanned a QR code at least once, with more than 34% scanning a QR code once every week. However, the ease with which QR codes are used has enabled criminals to indulge in phishing. 

These scams might have varying effects depending on the type, but the consequences can be serious for people who are targeted by scammers. Football fans will likewise be enthusiastic for Sunday's game, and many possibly have a few drinks before watching their team.

Phishing And The Threats of QR Codes

 

Cybercriminals have always been adept at abusing the latest technological developments in their attacks, and weaponizing QR codes is one of their most recent strategies. QR codes have grown in popularity as a method for digital information sharing due to their ease of use and functionality. 

However, their widespread use has created a new channel for phishing attempts, namely QR code phishing (or quishing). With the NCSC recently warning of an increase in these attacks, businesses must grasp how QR codes can be used to compromise staff and what they can do to effectively protect against these rising threats. 

Leaders at risk from QR code attacks 

Quishing attacks, like traditional phishing campaigns, typically attempt to steal credentials by social engineering, in which an email is sent from a supposedly trusted source and uses urgent language to persuade the target to perform a specific action. 

In a quishing attack, the target is frequently induced to scan a QR code disguised as a fake prompt, such as updating an expired password or examining a critical file. The malicious QR code will then direct visitors to a counterfeit login page, prompting them to enter - and ultimately expose - their credentials. 

CEOs and senior executives, who have the system access, are naturally appealing targets due to the high value of account credentials. In fact, the study discovered that C-Suite members were 42 times more likely than other employees to receive QR code phishing assaults. 

Quishing attacks mainly follow the same standard phishing strategy, in which social engineering is employed to control the victim's actions. However, when it comes to QR code phishing, cybercriminals appear to prefer two methods. 

Data collected in the second half of 2023 revealed that QR codes were most commonly used in false notifications for MFA activity (27% of all QR assaults) and shared documents (21%). Whatever the explanation for the malicious code, the majority of QR assaults security experts detected are credential phishing attempts. 

Prevention tips 

The best defence is to keep these attacks from reaching their intended targets at all. However, it is becoming increasingly evident that these new phishing schemes outperform secure email gateways (SEGs) and other legacy email systems. Unfortunately, these safeguards were not intended to thoroughly detect QR code threats or assess the code's destination.

Businesses need to be aware that new threats like QR codes will outsmart many of the classic security solutions, forcing them to switch to more contemporary, dynamic strategies like AI-native detection technologies.

Beware of "Quishing": Fraudsters Steal Data Using QR Codes

 

The vulnerability of protected health data may be increased by the usage of QR codes, which are intended to speed up processes like picture file transfers but actually expose organisations' weak points in mobile device security.

A fake QR code that links people to a website that seems identical to the real thing might be substituted by cunning cybercriminals in order to intercept user data and patients' personal information. In a practice called "quishing," they can even incorporate fake QR codes inside emails that appear to be from trusted sources. 

QR code scam 

With a projected increase of more than seven times in 2022, "scan scams" are now virtually regular occurrences.

Patient data breaches, malware infestations, and identity theft are all risks posed by QR code phishing in particular to healthcare organisations and patients. Cybercriminals deceive clients or staff into scanning a QR code that takes them to a website that seems authentic and asks for personal information or log-in credentials. 

To access patient portals, provider networks, and other digital services, hackers steal sensitive data, including medical histories, insurance details, social security numbers, and other personal identity data. 

Patient data is an extremely alluring target since it has a market on the dark web. In fact, depending on the level of data, a single patient record can fetch up to $1,000 on the underground market. That sum of money is over 50 times greater than what is typically recorded on credit cards. 

Role of organisations 

Organisations can increase provider, carer, and patient communication and openness with the aid of QR codes. Employing a QR code generator with integrated capabilities like single sign-on, multi-factor authentication, custom domain, and user management can help healthcare organisations safeguard this technology. 

The second crucial component is a platform for QR codes with incident management tools and security measures that are subject to recurring in-depth examinations. But education also contributes to preventing QR code fraud.

Healthcare organisations must educate their staff members and patients on how to use QR codes safely, including how to spot and stay away from malware, phishing scams, and other security risks. 

Mitigation tips 

Patients should be encouraged to check the legitimacy of the QR codes they scan before providing personal information. There are also security and privacy problems because a lot of individuals open a link right away after scanning a QR code without even checking it. To determine whether a destination is reliable, patients should check the website or app URL linked to the QR code or use a reliable QR code scanner app. 

Additionally, patients must only scan QR codes from reputable websites and applications, such as the printed materials, website, or app of their healthcare practitioner. Patients shouldn't scan a QR code if it seems sketchy or is from an unknown source. 

Finally, patients should exercise caution when sharing sensitive information via a QR code, such as their medical history or insurance details. They should only provide this information to reputable healthcare practitioners who can vouch for its secure and encrypted transmission.

Threat Actors Use QR Codes to Steal Login Credentials

 

Hackers are distributing phishing mails having QR codes in a cyberattack campaign built to extract login details of Microsoft 365 cloud apps. Passwords and usernames for cloud services of entreprises have become a main target for hackers, exploiting these to launch ransomware and malware attacks, or by selling stolen login details to other threat actors, who exploit it for their own campaigns. 

Threat Actors are finding sneaky opportunities to scam victims into opening malicious links that lead to phishing websites built to look like genuine Microsoft login webpages, and smartly selling the login credentials. 

Cybersecurity experts at Abnormal Security analyzed a recent campaign, the researchers sent various phishing mails which tried to use QR codes built to evade mail protections and steal login details. QR codes are useful when it comes to attempts malicious tasks, as standard mail security regulations like URL scanners don't detect any hint of suspected links or attachments in the email. 

The campaign is operated via email accounts hacked earlier, which allows hackers to send mails from authentic user accounts of companies to give a look of authenticity to these mails, and users believe it to be legitimate. As of now, experts are yet to confirm how threat actors are able to get control of these accounts used for sending phishing mails. 

As per experts, these phishing mails contain a voicemail message from the email account admin sending the mail, the target is requested to scan a QR code for listening to the voice mail. The QR codes sent to the victims were also created the same day. An earlier variant of the campaign tried to scam users into opening a malicious link by hiding it in an audio file. 

But, antivirus softwares were able to find and identify the malicious files, which made threat actors turning to QR codes. "While using the QR codes method can more easily bypass email protections, the victim needs to follow many more steps before they reach the point where they could mistakenly give their login credentials to cyber criminals. Applying multi-factor authentication to Microsoft 365 accounts can also help protect login details from being stolen," ZDNet reports.