Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label QR code. Show all posts
Web Community
Cyber Attacks CyberCrime Cybersecurity efvt Malware attacks Microsoft Office Netskope Phishing Attacks QR code Quishing Quishing Campaign URL Web Community

Quishing Scams Exploit Microsoft Sway Platform

 


It has been discovered that a new phishing campaign is being run using Microsoft Sway, which has been found by researchers. A series of attacks have been called the "Quishing" campaign to describe what is happening. The practice of "squishing" is a form of phishing that uses QR codes to lead people to malicious websites. An example of Quishing is embedding malicious URLs into a QR code to commit phishing. 

A few groups of victims in Asia and North America are primarily focusing on the campaign. In late December, researchers noticed that an unexpected spike in traffic to unique Microsoft Sway phishing pages arose as a result of a campaign called "quishing," which targeted Microsoft Office credentials.  As defined by Netskope Threat Labs, quishing is essentially phishing to trick users into opening malicious pages by presenting them with QR codes, which are commonly used in many forms of phishing. 

According to a spokesperson for the campaign, the campaign mainly targets victims in Asia and North America, across multiple industries such as the technology, manufacturing, and finance sectors. A researcher from the University of California, Davis, reported that "attackers instruct their victims to scan QR codes with their mobile devices, in the hope that these portable devices do not possess the strict security measures found on corporate-issued devices," according to an article written by the researchers. 

This QR phishing campaign utilizes two techniques that have been discussed in previous articles: transparent phishing in conjunction with Cloudflare Turnstile" Those who operate phishing websites use Cloudflare Turnstile to ensure that their malicious websites are protected from static analysis tools so that they can hide their malicious payloads, prevent web filtering providers from blocking their domains, and maintain a clean reputation among the web community. 

This is known as an attack-in-the-middle phishing technique, which is more sophisticated than traditional phishing techniques. The attackers not only attempt to gain access to the victims' credentials but also attempt to log them into the legitimate service using those credentials, bypassing multi-factor authentication, so they can steal sensitive tokens or cookies which can be used to gain further unauthorized access to the system. 

This is a massive QR code phishing campaign, which abused Microsoft Sway, a cloud-based tool for creating presentations online, to create landing pages that scammed Microsoft 365 users into handing over their credentials in exchange for money. According to Netskope Threat Labs, these attacks were spotted in July 2024 after detecting an increase of 2,000-fold in attacks exploiting Microsoft Sway to host phishing pages that allegedly steal access credentials for Microsoft 365 accounts. 

Interestingly, this surge of activity dates back to the first half of the year when minimal activity was reported. So, it comes as no surprise that this campaign has been so widespread. Essentially, they were interested in targeting users in Asia and North America, concentrating primarily on the technology, manufacturing, and finance sectors, which were the most likely to present themselves to them. A free application, called Sway, is available in Microsoft 365 for anyone with a Microsoft account who has a Microsoft account. 

Attackers, however, utilize this open access as an opportunity to fool users by misrepresenting them as legitimate cloud applications, thus defrauding them of the money they are paid to use them. Furthermore, Sway is accessed once an individual logs into their Microsoft 365 account, adding a layer of legitimacy to the attack, since it is accessible once the victim has already logged into the account, thus increasing the chances of them opening malicious links. 

Netskope Threat Labs identified a new QR code phishing campaign in July 2024, marking a significant development in cyber threats. This campaign primarily targets victims in Asia and North America, affecting various sectors, including manufacturing, technology, and finance. Cybercriminals employ diverse sharing methods, such as email, links, and social media platforms like Twitter, to direct users to phishing pages hosted on the sway. cloud.Microsoft domain. 

Once on these pages, victims are prompted to scan QR codes that subsequently lead them to malicious websites. Microsoft Sway, a platform known for its versatility, has been exploited in the past for phishing activities. Notably, five years ago, the PerSwaysion phishing campaign leveraged Microsoft Sway to target Office 365 login credentials. This campaign, driven by a phishing kit offered through a malware-as-a-service (MaaS) operation, was uncovered by Group-IB security researchers.

The attacks deceived at least 156 high-ranking individuals within small and medium-sized financial services companies, law firms, and real estate groups. The compromised accounts included those of executives, presidents, and managing directors across the U.S., Canada, Germany, the U.K., the Netherlands, Hong Kong, and Singapore. This escalation in phishing tactics highlights the ongoing battle between cybercriminals and cybersecurity professionals, where each defensive measure is met with a corresponding offensive innovation. 

The need for a comprehensive approach to cybersecurity has never been more apparent, as malicious actors continue to exploit seemingly innocuous technologies for nefarious purposes. With the rising popularity of Unicode QR code phishing techniques, security experts emphasize the importance of enhancing detection capabilities to analyze not just images but also text-based codes and other unconventional formats used to deceive users and infiltrate systems. This sophisticated phishing method underscores the continuous vigilance required to safeguard digital environments against increasingly cunning cyber threats.
Read more »
Technology
Payments QR code QR Code Phishing Quishing Technology

QR Code Phishing: How Cybercriminals Exploit Trust via Quishing


Today, QR codes have become a familiar sight. And why not, it makes our daily tasks easy. From making payments to accessing websites, these square patterns of black and white squares offer convenience and efficiency. However, cybercriminals have found a way to exploit this very convenience through a technique known as "quishing."

What is Quishing?

Quishing, short for "QR code phishing," involves using QR codes to deceive victims. Here's how it works:

Cybercriminals generate seemingly harmless QR codes that lead to fraudulent websites or initiate downloads of malicious software. These malicious QR codes can be distributed via emails, social media, printed materials, or even by placing stickers over legitimate QR codes in public spaces.

When someone scans the malicious QR code, they are directed to a deceptive website. The site may appear legitimate, offering discounts, special deals, or other enticing content. However, victims are unwittingly prompted to provide sensitive information, such as login credentials or financial details. In some cases, malware is downloaded, compromising the victim's device and network.

Recent Trends

One notable trend involves the use of crypto ATMs and QR codes. The FBI has reported an increase in scammers instructing victims to use physical crypto ATMs for payment transactions. Fraudsters manipulate victims into making payments and guide them to cryptocurrency ATMs. The given QR code automatically fills in the recipient's address, making the process seem legitimate.

Prevention Tips

Be Cautious: Only scan QR codes from trusted sources. Avoid scanning random codes in public places. Double-check the URL before providing any information on a website. If something seems too good to be true, it probably is.

Use a QR Code Scanner App: Opt for a reputable QR code scanner app that checks URLs for authenticity. Some apps provide warnings if a code leads to a suspicious site.

Stay Informed: Keep up with security news and trends. Educate yourself and your team about the risks of quishing.

Moving Forward

QR codes—those pixelated portals to convenience—can also harbor danger. As you scan, tread cautiously. Verify sources, question context, and guard your trust. Remember, not all codes lead to safety. 

Read more »
Vishing Campaign
Cyber Security cybercriminals Information Security Personal Data QR code Quishing Scams Vishing Vishing Campaign

Understanding Vishing and Quishing: Protecting Yourself Against Telephone and QR Code Scams

 

In our digitally interconnected world, cybercriminals continuously devise new methods to exploit technology for their malicious intents. Two prevalent schemes gaining traction are vishing and quishing scams. These fraudulent activities capitalize on telephone calls and QR codes to deceive unsuspecting individuals into revealing sensitive personal and financial information. 

Vishing, derived from "voice" and "phishing," entails perpetrators posing as trusted entities over the phone to trick individuals into sharing confidential data like bank account details or passwords. Employing tactics such as urgent requests or threats of repercussions, these scammers manipulate victims into compliance. For instance, a vishing scam might involve a caller impersonating a bank representative, claiming an account issue that necessitates immediate action from the victim. 

Alternatively, fraudsters may masquerade as technical support agents from reputable companies, coercing victims into paying for unnecessary services or software under false pretenses of fixing non-existent computer problems. Another vishing variant, the "police officer tactic," targets vulnerable individuals, particularly the elderly, by feigning as law enforcement officers. Fabricating stories about imminent criminal threats, these scammers persuade victims to surrender valuables or cash, ostensibly for protection. 

On the flip side, quishing represents a newer cybercrime form exploiting QR codes to entice victims to fraudulent websites for data compromise. With QR code prevalence in daily life, quishing has become an increasingly insidious threat. Cybercriminals send deceptive emails containing QR codes, enticing recipients to scan them with their smartphones under false pretenses. Once scanned, these QR codes redirect users to malicious websites designed to distribute malware-infected files or capture login credentials entered by unsuspecting victims. 

Seamless QR code scanning integration into daily activities makes it easy for individuals to fall prey to quishing attacks without recognizing the danger. Protecting against vishing and quishing necessitates heightened vigilance and adherence to cybersecurity best practices. When receiving unsolicited phone calls, it's crucial to verify the caller's identity by independently contacting the organization they claim to represent using official contact information. 

Refrain from divulging personal or financial information over the phone unless legitimacy is verified. To guard against quishing scams, exercise caution when scanning QR codes, especially from unfamiliar or suspicious sources. Verify the website URL before entering sensitive information and ensure it's encrypted (https). Additionally, consider enabling multi-factor authentication for online accounts to add an extra security layer against unauthorized access. 

By staying informed about vishing and quishing tactics and implementing proactive security measures, individuals can safeguard themselves from falling victim to these malicious schemes. Awareness and caution remain paramount in protecting personal and financial well-being in today's digital landscape.
Read more »
QR code
Bank Hacking cyber attack Cyber Security malware Phishing Attack Privacy QR code

Here's How To Steer Clear Of QR Code Hacking

 



QR codes, present for years and widely embraced during COVID-19, offer great benefits. Yet, cybercriminals exploit them, creating malicious QR codes to unlawfully access your personal and financial data. These tampered codes pose a threat, potentially leading to unauthorised access, financial loss, and malware on your smartphone. 

Used extensively for contactless payments, paperless menus, and quick information access, QR codes are embedded in modern phone systems. Scanning a code takes seconds, but the ease of tampering has led to a surge in QR phishing attacks. Stay vigilant against potential threats when using QR codes to protect your digital safety. 

Let's see how it works 

QR code hacking is surprisingly uncomplicated, thanks to the abundance of generator tools available. In just a couple of minutes, scammers can create fake QR codes that mimic authentic ones found in public spaces. The challenge lies in the fact that the human eye struggles to distinguish between a genuine and a malicious QR code. Exploiting this, scammers trick users into scanning their fraudulent codes, leading them to malicious websites. 

Once a user scans the tampered QR code, the potential for harm escalates. Cybercriminals often replace legitimate QR codes in public areas, like cafes or parking lots, with their malicious counterparts. The ultimate goal is to gain access to personal information, and financial details, or even compromise the security of the user's device. These deceptive QR codes might redirect users to payment sites, unauthorised social media profiles, or initiate actions such as sending emails without consent, all of which can result in the theft of login credentials and damage to one's reputation. Staying alert and recognizing warning signs before interacting with unfamiliar QR codes is crucial to avoid falling victim to these scams. 

Let's explore practical measures to strengthen our protective measures. 

 1. Public Vigilance: 

Stay alert in public spaces, refraining from scanning QR codes where tampering is more likely. Be watchful for deceptive stickers replacing genuine codes. 

 2. URL Scrutiny: 

Before proceeding, meticulously inspect the URL revealed by the QR code. Shortened URLs should trigger heightened caution, prompting a thorough review. 

 3. Language Alerts: 

Keep an eye out for grammatical errors and poor English when interacting with QR codes. Scammers often neglect language quality on fraudulent websites. 

 4. Package Precaution: 

Exercise caution when scanning QR codes on unexpected packages. Confirm orders through official channels to avoid potential scams. 

 5. Crypto-Smart Practices: 

Approach QR codes linked to cryptocurrency transactions with scepticism. Verify such communications through official channels to safeguard personal information. 

 6. App Awareness: 

Say no to downloading apps from QR codes, particularly if not from official stores. Stick to Google Play or the App Store to ensure app legitimacy and preserve your device's security. 


 Stay Alert to the Surge in QR Code Scams

As QR code scams proliferate, be on high alert for potential threats. If you fall victim to one of these hacks, take immediate action. Change your account passwords, notify your bank of the incident, and bolster your security with two-factor authentication (2FA) for crucial services like Google and Microsoft. Safeguard your sensitive information by utilising a reliable password manager to deter prying eyes.

Read more »
URLs
Cyber Fraud Data Theft FTC Mallicious URLs Online Scams Personal Data QR code Scammers Scams URLs

FTC Warns: QR Codes May Result in Identity Theft


One might want to reconsider before scanning QR codes.

The codes, which are a digital jumble of white and black squares that are frequently used to record URLs, are apparently commonplace; they may as well be seen, for example, on menus at restaurants and retail establishments. The Federal Trade Commission cautioned on Thursday that they could be dangerous for those who aren't cautious.

According to a report by eMarketer, around 94 million US consumers have used QR scanner this year. The number is only increasing, with around 102.6 million anticipated by 2026. 

As per Alvaro Puig, a consumer education specialist with the FTC, QRs are quite popular since there are endless ways to use them.

“Unfortunately, scammers hide harmful links in QR codes to steal personal information,” Puig said.

Why is Stolen Personal Data a Threat? 

The stolen data can be misused by threat actors in a number of ways: According to a separate report by FTC, the identity thieves can use victim’s personal data to illicitly file tax returns in their names and obtain tax refunds, drain their bank accounts, charge their credit cards, open new utility accounts, get medical treatment on their health insurance, and open new utility accounts.

In some cases, criminals cover the legitimate QR codes with their own, in places like parking meters, or even send codes via text messages or emails, luring victims into scanning their codes. 

One of the infamous tactic used by scammers is by creating a sense of urgency in their victims. For example, they might suggest that a product could not  be delivered and you need to reschedule or that you need to change your account password because of suspicious activity.

“A scammer’s QR code could take you to a spoofed site that looks real but isn’t,” Puig wrote. “And if you log in to the spoofed site, the scammers could steal any information you enter. Or the QR code could install malware that steals your information before you realize it.”

How can User Protect Themselves?

According to FTC, some of the measures one can follow to protect themselves from scams are:

  • Inspect URLs before clicking: Even if a URL looks familiar, it is advisable to check for any misspelling or switched letters in order to ensure it is legit. 
  • Do not scan a QR code in a suspicious/unexpected message: This is particularly valid when the text or email demands a quick response. If a user believe this to be a genuine message, it is advisable to get in touch with the business using a reliable channel, such as a working phone number or website. 
  • Protect devices and online accounts: Users are advised to use strong passwords and multifactor authentication and keep their phones’ OS in their latest versions.  

Read more »
Vulnerability and Exploits.
Apple Devices Apple Inc. Data Encryption Decrypter Digital Landscape Identity verification iMessage iOS iPhone Public Key Cryptography QR code User Privacy Vulnerability and Exploits.

Contact Key Verification: Boosting iMessage Security

Apple has taken another significant step towards improving the security of its messaging platform, iMessage. The introduction of Contact Key Verification adds an extra layer of security to iMessage conversations, protecting user data and privacy. In this article, we will explore what Contact Key Verification is and why it matters.

iMessage is a popular messaging platform known for its end-to-end encryption, which ensures that only the sender and the recipient can read the messages. With the new Contact Key Verification feature, Apple is making iMessage even more secure by allowing users to verify the identity of the person they are messaging with.

Contact Key Verification uses public key cryptography to establish a secure connection between the sender and receiver. Each iMessage user has a unique public key, which is stored on Apple's servers. When a user sends a message, their public key is used to encrypt the message. The recipient's device then uses their private key to decrypt and read the message. This ensures that only the intended recipient can access the content.

But what Contact Key Verification does differently is that it allows users to confirm that the public key used for encryption belongs to the person they intend to communicate with. This extra layer of verification prevents man-in-the-middle attacks, where an attacker intercepts and decrypts messages meant for someone else.

The implementation of Contact Key Verification is simple. Users can access the feature by tapping on the contact's name or picture in the chat. They can then view the contact's key and verify it through various methods like scanning a QR code or comparing a series of numbers with the contact in person.

This additional security feature is essential in today's digital landscape, where data breaches and cyberattacks are increasingly common. It ensures that even if someone gains access to your device, they cannot impersonate you or read your messages without proper verification.

Apple's commitment to user privacy is evident in this move. By giving users control over their message security, they are ensuring that iMessage remains one of the most secure messaging platforms available. Moreover, the public key infrastructure used in Contact Key Verification is a proven method for securing digital communications.



Read more »
Technolgy
barcode Data Breach Email Breach Fake Website Malicious Software Multi-Factor Authentication (MFA) Phising Attacks QR code Sensitive Information Technolgy

QR Code Phishing Attacks: A Rising Threat

Leading cybersecurity firms have reported a startling 587% increase in QR code-based phishing assaults in recent times. This concerning pattern demonstrates how fraudsters are changing their strategies to take advantage of people's confidence in QR codes for a variety of objectives.

QR codes, initially designed for convenience and efficiency, have become an integral part of our digital lives. From accessing websites to making payments, these two-dimensional barcodes have streamlined numerous processes. However, this surge in phishing attacks signifies that cybercriminals are adapting and finding innovative ways to exploit this technology.

Cybersecurity experts have identified several strategies employed by attackers in these QR code phishing campaigns. One common tactic involves distributing malicious QR codes via emails or social engineering techniques. Unsuspecting victims scan these codes, unwittingly granting cybercriminals access to sensitive information or infecting their devices with malware.

Furthermore, attackers are increasingly using QR codes in conjunction with fake landing pages that mimic legitimate websites. These convincing replicas deceive users into entering their credentials or personal information, which is then harvested by the attackers. This method has proven to be highly effective, as even cautious individuals can be easily tricked by sophisticated phishing pages.

To combat this rising threat, experts emphasize the importance of user education and awareness. Individuals should exercise caution when scanning QR codes, especially if received from unknown or unverified sources. Employing reputable security software that includes QR code scanning capabilities can also provide an additional layer of protection.

Additionally, businesses and organizations should implement multi-factor authentication measures and conduct regular security audits to identify and mitigate potential vulnerabilities. By staying vigilant and adopting proactive cybersecurity measures, individuals and businesses can help curb the success of QR code phishing attacks.

The surge in QR code-based phishing attacks serves as a stark reminder of the ever-evolving landscape of cyber threats. As technology advances, so do the tactics of cybercriminals. Vigilance, education, and robust cybersecurity practices are crucial in safeguarding against these sophisticated attacks.






Read more »
Quishing
Cyber Security Cyberattacks CyberCrime cybercriminals Emails QR code Quishing

Quishing Emerges as a Leading Cybersecurity Challenge

 


Researchers are predicting that cybercriminals will employ email-based quashing attacks as a means of stealing data from users. Several quishing campaigns are known to have been large, long-running, and dynamic, based on attack cadence and variations within the lures and domains featured in the messages used by the campaigns. 

A study released by the Global State of Mobile Phishing Report recently raises some sobering insights into the widespread use of mobile phishing attacks. The report noted that over 50% of the personal devices used by employees of a company had been hacked every quarter, which is an astounding number. 

Technology is constantly evolving to make users' personal and professional lives more convenient in the era of digital technology, as the usage of technology gradually increased over the years. One of the advancements that have made life easier for consumers has been the Quick Response (QR) code. The user can either share the URLs of websites and contact information, or they can pay with this two-dimensional barcode which is easy to read. 

In addition to improving our daily lives, QR codes have also created new avenues for cybercriminals to exploit, which has made it easier for them to steal information. This method of phishing is also known as quishing and poses a significant threat to individuals and organizations alike. QR codes are phishing attacks that have been on the rise for years. 

Even though "squishing" sounds all cute and squishy, it's a serious practice that has to be taken seriously. A QR code can be obtained by generating a fake email that contains a QR code that is inserted into the email, and then sending it to a person as a phishing email. 

In an attempt to trick the recipients of an email attack into visiting malicious websites or downloading malware onto their devices, hackers use QR codes embedded in the email to trick them. Social engineering tactics are usually used in these kinds of attacks to exploit the trust that people place in emails because they often put their trust in them. 

Recent findings regarding the effectiveness of mobile phishing attacks have been released in the Global State of Mobile Phishing Report. Over half of a company's employees' devices are exposed to phishing every few weeks, and at least one-third of those are not even aware that it is happening. 

Additionally, there was a seven-fold increase in the number of QR code phishing reports in Q2 of 2022. Many industries are targeted by these types of attacks, including insurance, legal, financial, and healthcare. A high level of regulation is enforced in these industries as a result of the sensitive and valuable nature of their data. As a result, they are a good target for cybercriminals as they are easy to reach. 

Increasingly, QR codes are appearing everywhere: they are in restaurants, mass vehicles, commercials, signs, walls, bathrooms, advertisements on billboards and posters; and even companies are shipping their products with QR codes so that consumers can access the manual via their phones. 

There are two main ways that criminals are attempting to quench attacks at the moment: they send targets a QR code via email and then try to crack it. In many cases, those emails are simply a call to action for users to verify their accounts and to act within a specific time frame otherwise their accounts will be locked or closed. A QR code would be inserted into an email on a desktop computer by the user, and once scanned, it would cause havoc on the computer.  

Using traditional email filtering methods, it is hard to detect QR code attacks since there are no embedded links or malicious attachments to scan. In addition, email filtering is not designed to follow a QR code to its destination to look for malicious content. The threat is also moved to another device which is more likely not to be protected by corporate security software, as well as shifting the actual threat to another device. 

Detecting these attacks can be done using artificial intelligence and image recognition technology. Fake QR codes are usually not the only sign that a malicious email is being sent. In addition, AI-based detection will take into account other signals as well - such as the sender's name, the content, the size, and the placement of images – to determine whether a message is malicious. To detect and prevent QR code scams, Barracuda Impersonation Protection will employ several techniques, as well as others. 

Currently, there are many quashing attacks targeting individual consumers, but enterprises, as well as their employees, are also at risk of squishing attacks. Researchers from HP and Abnormal Security discovered, in particular, that email-based QR phishing campaigns, like those uncovered by the researchers, could be used to steal credentials or spread malicious software to business accounts. 

Fraudulent QR Code Signs


Receivers need to pay close attention to the labels on the quashing codes to see that these codes are marked. These include: 

  • There are several errors on destination websites, including spelling errors, poor-quality images, and inadequate design. 
  • Rather than beginning with HTTPS, a URL starts with HTTP.
  • The true destination site is hidden by short URLs that are unreadable. 
Read more »
Social Engineering Attack
Cyber Fraud HP Threat Research Malicious PDF Attachment Microsoft QR code scan scam campaigns Social Engineering Attack

Cyber Scammers now Experimenting With QR Codes


Microsoft started limiting macros in Office files by default in February 2022, making it more difficult for attackers to execute malicious code. According to data gathered by the HP Threat Research team, attackers have been changing their methods since Q2 2022 in an effort to identify new ways to hack devices and steal data. 

The Rise of QR Scan Scams 

The research findings were based on data collected from millions of endpoints using HP Wolf Security: 

Since October 2022, HP has witnessed QR code “scan scam” campaigns almost daily. These frauds persuade users to scan QR codes with their mobile devices while connected to their PCs, potentially exploiting the lack of phishing protection and detection on such devices. Users can access fraudulent websites that request credit and debit card information by scanning QR codes. Examples from Q4 include phishing attempts that pose as parcel delivery services seeking money. 

38% Rise in Malicious PDF Attachment: 

The recent assaults avoid web gateway scanners by using embedded images that link to malicious ZIP files that are encrypted. The PDF instructions fool the user into providing a password to unpack a ZIP file, allowing QakBot or IcedID malware to gain access to systems unauthorization and serve as beachheads for ransomware. 

42% of Malware was Delivered Inside Archives Files Like ZIP, RAR, and IMG: 

Archives have gained a whooping 20% rise in popularity since Q1 2022, as threat actors use scripts to execute their payloads. In contrast, 38% of malware is distributed via Office documents like Microsoft Word, Excel, and PowerPoint. 

Alex Holland, Senior Malware Analyst at HP Wolf Security threat research team said, “We have seen malware distributors like Emotet try to work around Office’s stricter macro policy with complex social engineering tactics, which we believe are proving less effective. But when one door closes, another opens – as shown by the rise in scan scams, malvertising, archives, and PDF malware.” 

“Users should look out for emails and websites that ask to scan QR codes and give up sensitive data, and PDF files linking to password-protected archives,” added Holland. 

Threat Actors Still Rely on Social Engineering 

HP researchers also discovered eight malware families imitated in 24 popular software projects in Q4's malvertising efforts, as compared to just two such operations in Q3's. The attacks rely on people clicking on search engine adverts that take them to malicious websites that resemble legitimate websites nearly identity. 

Dr. Ian Pratt, Global Head of Security for Personal Systems, HP says “While techniques evolve, threat actors still rely on social engineering to target users at the endpoint.” 

“Organizations should deploy strong isolation to contain the most common attack vectors like email, web browsing and downloads. Combine this with credential protection solutions that warn or prevent users from entering sensitive details onto suspicious sites to greatly reduce the attack surface and improve an organization’s security posture,” concludes Pratt.  

Read more »
QR code
Airtel Cyber Crime E-Sim Fraudsters QR code

E-Sim Fraud and Prevention

 

Some mobile service providers have eSIM-enabled cell phones which don't need an actual SIM card. They have a little chip inside the phone and the data on this eSIM is rewritable so the client can change the operator without any problem. The victim normally gets a message cautioning that his/her SIM card will be blocked, which says: “Dear customer, your SIM card will be blocked in 24 hours.” Or “Please update your eKYC verification.” These criminals call the network clients in the name of customer care executives and ask them to request e-SIM activation.

After the message, fraudsters call their victim claiming to be telecom organization's customer care executive; say from Airtel, Reliance Jio, or Vodafone-Idea. The message, which looks like from the customer care cell of a mobile service provider, requests that clients click on a link and fill a form. This form can ask for multiple types of data like Bank Details, PII, and so on. Clients are then approached to forward an email ID, sent by the fraudsters, to the customer care of that specific telecom operator. The email ID belongs to the scamsters so that they can register their mail IDs.

In the wake of getting their own email ID enrolled with the victim’s mobile number, the caller at that point requests the victim to forward an eSIM request to the service provider with an enlisted email ID. They deceive the client into sending an email sent by the service provider on their enlisted email addresses.

When the eSIM service gets activated, the activation QR code for eSIM goes to the email ID given by the fraudster. After eSIM activation, the actual SIM that is running in the victims' phone consequently gets blocked. The fraudster registers the eSIM with digital wallets and links it to the victim's bank accounts to steal money. Following this, the casualties are made to fill in their details, including bank details, in a google form. That is the way cybercriminals gain admittance to the bank accounts of these users. 

 A few safety measures to prevent e-SIM frauds: 

1. Go to the SIM provider directly to get your e-SIM. 

2. Your SIM is never blocked in the wake of upgrading from physical sim to e-SIM. Never believe scammers threatening that your SIM will be hindered unless you upgrade. 

3. Never give your details for SIM up-gradation or share any OTP/click on given un-verified links.


Reference: Rahul Tyagi, Co-founder, SAFE Security. 
Read more »
Scammers
Cyber Fraud Phishing Campaign QR code Scammers

Scammers are Tricking Consumers via QR Code Phishing Campaign

 

QR codes - the little Digi squares, an effective tool for contactless transactional activities especially during the Covid-19 pandemic. Quick Response (QR) codes were originally developed back in the mid-nineties for utilization in the Japanese auto-making industry as a swift, machine-readable technique to reserve information regarding a specific item, whether for production, inventory, or eventual scale. 

QR code is the most convenient method to pay or receive money and this tool has seemed to grow exponentially in the last 5 years, mainly due to the explosion in the popularity of smartphones over the past decade. Most of the modern-day Android and iOS camera apps read the codes naturally unlike the previous years where the users have to download a particular QR code-scanning apps to access the information programmed into the tiny squares.

The biggest concern begins when fraudsters start to use QR codes as a doorway to secure consumers' private information regarding bank details, private messages, etc. So how to identify what’s hidden in the QR codes and gain the necessary knowledge to identify a fraudulent one?

The popular method used by the fraudsters is to send texts to the consumers like – ‘Congratulations! You have won 2000 Rs.’ along with the picture of the QR code. This text will prompt the consumers to scan the QR code, enter the amount which will redirect the consumers to the UPI PIN page to receive the money in their account. Most of the consumers with less awareness are trapped in the net laid by the scammers and end up paying the scammer the amount.

The next popular method used by scammers to trick the consumers is to embed a fake QR code into a phishing email, text, or via social media platform. If the consumer scans the fake code which will redirect the consumer to the website with realistic-looking landing pages and the consumer will prompt the consumer to login via PII (personally identifiable information). A fabricated QR code has the ability to take the consumer to the websites where malware can be automatically installed and used to steal critical information from the consumers’ device or even share spyware or viruses.

Three methods to prevent yourself from QR code scam 

1.) Read the message carefully and pay attention to the small details while making transactions via QR code. 

2.) The device used for making payments should be updated frequently and install security software. If any suspicion arises immediately get in touch with your bank and request them to alter your login credentials.

 3.) If the problem is severe you can contact the police and register a formal complaint with the cyber cell, the consumer can also register an online complaint on the National Cybercrime Reporting Portal – cybercrime.gov.in.
Read more »
Subscribe to: Posts (Atom)