
Quishing Scams Exploit Microsoft Sway Platform

 


Researchers have discovered a new phishing campaign that abuses Microsoft Sway. The series of attacks has been called a "quishing" campaign. Quishing is a form of phishing that uses QR codes to lead people to malicious websites, for example by embedding a malicious URL in a QR code.

The campaign primarily focuses on victims in Asia and North America. In late December, researchers noticed an unexpected spike in traffic to unique Microsoft Sway phishing pages as a result of a quishing campaign that targeted Microsoft Office credentials. As defined by Netskope Threat Labs, quishing is essentially phishing that tricks users into opening malicious pages by presenting them with QR codes, which are commonly used in many forms of phishing.

According to a spokesperson for the campaign, the campaign mainly targets victims in Asia and North America, across multiple industries such as the technology, manufacturing, and finance sectors. A researcher from the University of California, Davis, reported that "attackers instruct their victims to scan QR codes with their mobile devices, in the hope that these portable devices do not possess the strict security measures found on corporate-issued devices," according to an article written by the researchers. 

This QR phishing campaign utilizes two techniques that have been discussed in previous articles: transparent phishing in conjunction with Cloudflare Turnstile. Those who operate phishing websites use Cloudflare Turnstile to shield their malicious websites from static analysis tools, so that they can hide their malicious payloads, prevent web filtering providers from blocking their domains, and maintain a clean reputation among the web community.

Transparent phishing is an adversary-in-the-middle technique, which is more sophisticated than traditional phishing. The attackers not only attempt to capture the victims' credentials but also log the victims into the legitimate service using those credentials, bypassing multi-factor authentication, so that they can steal sensitive tokens or cookies which can be used to gain further unauthorized access to the system.

This is a massive QR code phishing campaign that abused Microsoft Sway, a cloud-based tool for creating presentations online, to create landing pages that scammed Microsoft 365 users into handing over their credentials in exchange for money. According to Netskope Threat Labs, these attacks were spotted in July 2024 after it detected a 2,000-fold increase in attacks exploiting Microsoft Sway to host phishing pages that allegedly steal access credentials for Microsoft 365 accounts.

Interestingly, this surge of activity follows a first half of the year in which minimal activity was reported. So, it comes as no surprise that this campaign has been so widespread. The attackers targeted users in Asia and North America, concentrating primarily on the technology, manufacturing, and finance sectors. Sway is a free application, available in Microsoft 365 to anyone with a Microsoft account.

Attackers, however, use this open access as an opportunity to fool users by presenting their pages as legitimate cloud applications, thus defrauding them. Furthermore, Sway is accessed once an individual has logged into their Microsoft 365 account, which adds a layer of legitimacy to the attack and increases the chances of the victim opening malicious links.

Netskope Threat Labs identified a new QR code phishing campaign in July 2024, marking a significant development in cyber threats. This campaign primarily targets victims in Asia and North America, affecting various sectors, including manufacturing, technology, and finance. Cybercriminals employ diverse sharing methods, such as email, links, and social media platforms like Twitter, to direct users to phishing pages hosted on the sway.cloud.microsoft domain.

Once on these pages, victims are prompted to scan QR codes that subsequently lead them to malicious websites. Microsoft Sway, a platform known for its versatility, has been exploited in the past for phishing activities. Notably, five years ago, the PerSwaysion phishing campaign leveraged Microsoft Sway to target Office 365 login credentials. This campaign, driven by a phishing kit offered through a malware-as-a-service (MaaS) operation, was uncovered by Group-IB security researchers.

The attacks deceived at least 156 high-ranking individuals within small and medium-sized financial services companies, law firms, and real estate groups. The compromised accounts included those of executives, presidents, and managing directors across the U.S., Canada, Germany, the U.K., the Netherlands, Hong Kong, and Singapore. This escalation in phishing tactics highlights the ongoing battle between cybercriminals and cybersecurity professionals, where each defensive measure is met with a corresponding offensive innovation. 

The need for a comprehensive approach to cybersecurity has never been more apparent, as malicious actors continue to exploit seemingly innocuous technologies for nefarious purposes. With the rising popularity of Unicode QR code phishing techniques, security experts emphasize the importance of enhancing detection capabilities to analyze not just images but also text-based codes and other unconventional formats used to deceive users and infiltrate systems. This sophisticated phishing method underscores the continuous vigilance required to safeguard digital environments against increasingly cunning cyber threats.

QR Code Phishing: How Cybercriminals Exploit Trust via Quishing


Today, QR codes have become a familiar sight. And why not? They make our daily tasks easy. From making payments to accessing websites, these square patterns of black and white squares offer convenience and efficiency. However, cybercriminals have found a way to exploit this very convenience through a technique known as "quishing."

What is Quishing?

Quishing, short for "QR code phishing," involves using QR codes to deceive victims. Here's how it works:

Cybercriminals generate seemingly harmless QR codes that lead to fraudulent websites or initiate downloads of malicious software. These malicious QR codes can be distributed via emails, social media, printed materials, or even by placing stickers over legitimate QR codes in public spaces.

When someone scans the malicious QR code, they are directed to a deceptive website. The site may appear legitimate, offering discounts, special deals, or other enticing content. However, victims are unwittingly prompted to provide sensitive information, such as login credentials or financial details. In some cases, malware is downloaded, compromising the victim's device and network.

Recent Trends

One notable trend involves the use of crypto ATMs and QR codes. The FBI has reported an increase in scammers instructing victims to use physical crypto ATMs for payment transactions. Fraudsters manipulate victims into making payments and guide them to cryptocurrency ATMs. The given QR code automatically fills in the recipient's address, making the process seem legitimate.

Prevention Tips

Be Cautious: Only scan QR codes from trusted sources. Avoid scanning random codes in public places. Double-check the URL before providing any information on a website. If something seems too good to be true, it probably is.

Use a QR Code Scanner App: Opt for a reputable QR code scanner app that checks URLs for authenticity. Some apps provide warnings if a code leads to a suspicious site.

Stay Informed: Keep up with security news and trends. Educate yourself and your team about the risks of quishing.

Moving Forward

QR codes—those pixelated portals to convenience—can also harbor danger. As you scan, tread cautiously. Verify sources, question context, and guard your trust. Remember, not all codes lead to safety. 

England Fans Warned Over 'Quishing' Scam Ahead of Euro Final

 

England football fans have been urged to be wary of a 'quishing' scam as they gather in pubs to watch the Euro 2024 final against Spain. The duping phenomenon has the potential to be devastating for victims, and it has caught supporters off guard amid scenes of flying beer as fans celebrated achieving Sunday's landmark. In certain places, the scam has already been going on as the national team advanced to the final four. 

And now that England has advanced to the final, fans have been warned to keep an eye out for the scam. It employs the now-familiar digital QR codes, but individuals scanning the code with their phones can also be duped into downloading malicious stuff via fake codes. 

This is not a new thing, but for fans watching the game in pubs, it can be worrying. It combines 'QR codes' and 'phishing'. Fake QR (quick response) codes could imitate an existing code, leading users to download malicious content. According to Cloudflare, their goal is to collect sensitive information such as passwords, financial data, or personally identifying information (PII). A code might also deceive victims when sent as an email or message. 

“Once this sensitive information is captured, attackers can exploit it for various malicious purposes, including identity theft, financial fraud, or ransomware,” Cloudflare added.

QR codes, which emerged during the coronavirus pandemic, were popular as a way to order food or drinks in bars. It may appear harmless, but it means that a once-harmless transaction now involves a possible risk. 

Scammers started using QR codes, which operate by inserting instructions within a black and white dot-based graphic, to trick customers. Smartphones, apps, and scanners transform QR codes into information that people can understand. The codes usually direct to websites, links to media, or buttons to download an app.

According to TitanHQ, an anti-phishing platform, 84% of smartphone users have scanned a QR code at least once, with more than 34% scanning a QR code once every week. However, the ease with which QR codes are used has enabled criminals to indulge in phishing. 

These scams might have varying effects depending on the type, but the consequences can be serious for people who are targeted by scammers. Football fans will likewise be enthusiastic for Sunday's game, and many possibly have a few drinks before watching their team.

Phishing And The Threats of QR Codes

 

Cybercriminals have always been adept at abusing the latest technological developments in their attacks, and weaponizing QR codes is one of their most recent strategies. QR codes have grown in popularity as a method for digital information sharing due to their ease of use and functionality. 

However, their widespread use has created a new channel for phishing attempts, namely QR code phishing (or quishing). With the NCSC recently warning of an increase in these attacks, businesses must grasp how QR codes can be used to compromise staff and what they can do to effectively protect against these rising threats. 

Leaders at risk from QR code attacks 

Quishing attacks, like traditional phishing campaigns, typically attempt to steal credentials by social engineering, in which an email is sent from a supposedly trusted source and uses urgent language to persuade the target to perform a specific action. 

In a quishing attack, the target is frequently induced to scan a QR code disguised as a fake prompt, such as updating an expired password or examining a critical file. The malicious QR code will then direct visitors to a counterfeit login page, prompting them to enter - and ultimately expose - their credentials. 

CEOs and senior executives, who have system access, are naturally appealing targets due to the high value of their account credentials. In fact, the study discovered that C-Suite members were 42 times more likely than other employees to receive QR code phishing assaults.

Quishing attacks mainly follow the same standard phishing strategy, in which social engineering is employed to control the victim's actions. However, when it comes to QR code phishing, cybercriminals appear to prefer two methods. 

Data collected in the second half of 2023 revealed that QR codes were most commonly used in false notifications for MFA activity (27% of all QR assaults) and shared documents (21%). Whatever the explanation for the malicious code, the majority of QR assaults security experts detected are credential phishing attempts. 

Prevention tips 

The best defence is to keep these attacks from reaching their intended targets at all. However, it is becoming increasingly evident that these new phishing schemes outperform secure email gateways (SEGs) and other legacy email systems. Unfortunately, these safeguards were not intended to thoroughly detect QR code threats or assess the code's destination.

Businesses need to be aware that new threats like QR codes will outsmart many of the classic security solutions, forcing them to switch to more contemporary, dynamic strategies like AI-native detection technologies.

Understanding Vishing and Quishing: Protecting Yourself Against Telephone and QR Code Scams

 

In our digitally interconnected world, cybercriminals continuously devise new methods to exploit technology for their malicious intents. Two prevalent schemes gaining traction are vishing and quishing scams. These fraudulent activities capitalize on telephone calls and QR codes to deceive unsuspecting individuals into revealing sensitive personal and financial information. 

Vishing, derived from "voice" and "phishing," entails perpetrators posing as trusted entities over the phone to trick individuals into sharing confidential data like bank account details or passwords. Employing tactics such as urgent requests or threats of repercussions, these scammers manipulate victims into compliance. For instance, a vishing scam might involve a caller impersonating a bank representative, claiming an account issue that necessitates immediate action from the victim. 

Alternatively, fraudsters may masquerade as technical support agents from reputable companies, coercing victims into paying for unnecessary services or software under false pretenses of fixing non-existent computer problems. Another vishing variant, the "police officer tactic," targets vulnerable individuals, particularly the elderly, by feigning as law enforcement officers. Fabricating stories about imminent criminal threats, these scammers persuade victims to surrender valuables or cash, ostensibly for protection. 

On the flip side, quishing represents a newer cybercrime form exploiting QR codes to entice victims to fraudulent websites for data compromise. With QR code prevalence in daily life, quishing has become an increasingly insidious threat. Cybercriminals send deceptive emails containing QR codes, enticing recipients to scan them with their smartphones under false pretenses. Once scanned, these QR codes redirect users to malicious websites designed to distribute malware-infected files or capture login credentials entered by unsuspecting victims. 

Seamless QR code scanning integration into daily activities makes it easy for individuals to fall prey to quishing attacks without recognizing the danger. Protecting against vishing and quishing necessitates heightened vigilance and adherence to cybersecurity best practices. When receiving unsolicited phone calls, it's crucial to verify the caller's identity by independently contacting the organization they claim to represent using official contact information. 

Refrain from divulging personal or financial information over the phone unless legitimacy is verified. To guard against quishing scams, exercise caution when scanning QR codes, especially from unfamiliar or suspicious sources. Verify the website URL before entering sensitive information and ensure it's encrypted (https). Additionally, consider enabling multi-factor authentication for online accounts to add an extra security layer against unauthorized access. 

By staying informed about vishing and quishing tactics and implementing proactive security measures, individuals can safeguard themselves from falling victim to these malicious schemes. Awareness and caution remain paramount in protecting personal and financial well-being in today's digital landscape.

Quishing Emerges as a Leading Cybersecurity Challenge

 


Researchers are predicting that cybercriminals will employ email-based quishing attacks as a means of stealing data from users. Several quishing campaigns are known to have been large, long-running, and dynamic, based on attack cadence and variations within the lures and domains featured in the messages used by the campaigns.

A study released by the Global State of Mobile Phishing Report recently raises some sobering insights into the widespread use of mobile phishing attacks. The report noted that over 50% of the personal devices used by employees of a company had been hacked every quarter, which is an astounding number. 

Technology is constantly evolving to make users' personal and professional lives more convenient in the era of digital technology, as the usage of technology gradually increased over the years. One of the advancements that have made life easier for consumers has been the Quick Response (QR) code. The user can either share the URLs of websites and contact information, or they can pay with this two-dimensional barcode which is easy to read. 

In addition to improving our daily lives, QR codes have also created new avenues for cybercriminals to exploit, which has made it easier for them to steal information. This method of phishing is known as quishing and poses a significant threat to individuals and organizations alike. QR code phishing attacks have been on the rise for years.

Even though "quishing" sounds all cute and squishy, it's a practice that has to be taken seriously. A quishing attack is carried out by generating a fake email that contains a QR code and then sending it to a person as a phishing email.

To trick the recipients into visiting malicious websites or downloading malware onto their devices, hackers use QR codes embedded in the email. Social engineering tactics are usually used in these kinds of attacks to exploit the trust that people place in emails.

Recent findings regarding the effectiveness of mobile phishing attacks have been released in the Global State of Mobile Phishing Report. Over half of a company's employees' devices are exposed to phishing every few weeks, and at least one-third of those are not even aware that it is happening. 

Additionally, there was a seven-fold increase in the number of QR code phishing reports in Q2 of 2022. Many industries are targeted by these types of attacks, including insurance, legal, financial, and healthcare. A high level of regulation is enforced in these industries as a result of the sensitive and valuable nature of their data. As a result, they are a good target for cybercriminals as they are easy to reach. 

Increasingly, QR codes are appearing everywhere: they are in restaurants, mass vehicles, commercials, signs, walls, bathrooms, advertisements on billboards and posters; and even companies are shipping their products with QR codes so that consumers can access the manual via their phones. 

There are two main ways that criminals are attempting quishing attacks at the moment: they send targets a QR code via email and then try to crack it. In many cases, those emails are simply a call to action for users to verify their accounts and to act within a specific time frame, otherwise their accounts will be locked or closed. A QR code would be inserted into an email on a desktop computer by the user, and once scanned, it would cause havoc on the computer.

Using traditional email filtering methods, it is hard to detect QR code attacks since there are no embedded links or malicious attachments to scan. In addition, email filtering is not designed to follow a QR code to its destination to look for malicious content. The actual threat is also shifted to another device, which is more likely not to be protected by corporate security software.

Detecting these attacks can be done using artificial intelligence and image recognition technology. A fake QR code is usually not the only sign that an email is malicious. AI-based detection will take into account other signals as well, such as the sender's name, the content, the size, and the placement of images, to determine whether a message is malicious. To detect and prevent QR code scams, Barracuda Impersonation Protection will employ several of these techniques, as well as others.

Currently, there are many quishing attacks targeting individual consumers, but enterprises, as well as their employees, are also at risk of quishing attacks. Researchers from HP and Abnormal Security discovered, in particular, that email-based QR phishing campaigns, like those uncovered by the researchers, could be used to steal credentials or spread malicious software to business accounts.

Fraudulent QR Code Signs


Recipients need to pay close attention to the signs that mark a quishing code. These include:

  • There are several errors on destination websites, including spelling errors, poor-quality images, and inadequate design. 
  • Rather than beginning with HTTPS, a URL starts with HTTP.
  • The true destination site is hidden by short URLs that are unreadable. 
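
The URL-level signs in the list above can be checked automatically once a QR code has been decoded, which is the step the post says traditional email filtering does not perform. The following Python sketch is an added example, not code from the original post; it assumes the QR payload has already been decoded to a string by a scanner, and the function name, the shortener list, and the sample payloads in the comments are constructed for illustration. It also flags userinfo placed before the host and pages on the Sway domain named earlier on this page, which goes slightly beyond the list.

```python
from urllib.parse import urlsplit

# Assumption: a small illustrative set of well-known URL shorteners; a real
# deployment would maintain its own, larger list.
SHORTENER_HOSTS = {"bit.ly", "tinyurl.com", "t.co", "is.gd", "ow.ly"}

# Domain named on this page as hosting the Sway landing pages.
SWAY_HOST = "sway.cloud.microsoft"


def triage_qr_payload(payload: str) -> list:
    """Return the warning signs found in one decoded QR payload."""
    text = payload.strip()
    try:
        parts = urlsplit(text)
        host = (parts.hostname or "").lower().rstrip(".")
        has_userinfo = parts.username is not None
    except ValueError:
        # urlsplit rejects some malformed inputs, e.g. broken IPv6 brackets.
        return ["unparseable"]

    scheme = parts.scheme.lower()
    if scheme not in ("http", "https"):
        # QR codes also carry plain text, Wi-Fi settings, contact cards, etc.
        return ["not-a-web-url"]
    if not host:
        return ["no-host"]

    findings = []

    # Sign from the list: the URL starts with HTTP rather than HTTPS.
    if scheme == "http":
        findings.append("http-not-https")

    # Sign from the list: a short URL hides the true destination.
    bare_host = host[4:] if host.startswith("www.") else host
    if bare_host in SHORTENER_HOSTS:
        findings.append("shortened-url-hides-destination")

    # Added check: in "https://login.example.com@other.example.net/" the
    # real destination is other.example.net, not the name shown first.
    if has_userinfo:
        findings.append("userinfo-before-host")

    # A trusted domain is not proof of trusted content: Sway pages are
    # user-created, so the page itself still needs review.
    if host == SWAY_HOST:
        findings.append("sway-hosted-page-review-content")

    return findings


def triage_batch(payloads):
    """Map each payload to its findings, keeping only flagged payloads."""
    flagged = {}
    for payload in payloads:
        findings = triage_qr_payload(payload)
        if findings:
            flagged[payload] = findings
    return flagged
```

An empty result only means none of these URL-level signs were present; the remaining sign in the list, errors and poor design on the destination site, cannot be judged from the URL alone.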

Beware of "Quishing": Fraudsters Steal Data Using QR Codes

 

The vulnerability of protected health data may be increased by the usage of QR codes, which are intended to speed up processes like picture file transfers but actually expose organisations' weak points in mobile device security.

A fake QR code that links people to a website that seems identical to the real thing might be substituted by cunning cybercriminals in order to intercept user data and patients' personal information. In a practice called "quishing," they can even incorporate fake QR codes inside emails that appear to be from trusted sources. 

QR code scam 

With a projected increase of more than seven times in 2022, "scan scams" are now virtually regular occurrences.

Patient data breaches, malware infestations, and identity theft are all risks posed by QR code phishing in particular to healthcare organisations and patients. Cybercriminals deceive clients or staff into scanning a QR code that takes them to a website that seems authentic and asks for personal information or log-in credentials. 

To access patient portals, provider networks, and other digital services, hackers steal sensitive data, including medical histories, insurance details, social security numbers, and other personal identity data. 

Patient data is an extremely alluring target since it has a market on the dark web. In fact, depending on the level of data, a single patient record can fetch up to $1,000 on the underground market. That sum of money is over 50 times greater than what is typically recorded on credit cards. 

Role of organisations 

Organisations can increase provider, carer, and patient communication and openness with the aid of QR codes. Employing a QR code generator with integrated capabilities like single sign-on, multi-factor authentication, custom domain, and user management can help healthcare organisations safeguard this technology. 

The second crucial component is a platform for QR codes with incident management tools and security measures that are subject to recurring in-depth examinations. But education also contributes to preventing QR code fraud.

Healthcare organisations must educate their staff members and patients on how to use QR codes safely, including how to spot and stay away from malware, phishing scams, and other security risks. 

Mitigation tips 

Patients should be encouraged to check the legitimacy of the QR codes they scan before providing personal information. There are also security and privacy problems because a lot of individuals open a link right away after scanning a QR code without even checking it. To determine whether a destination is reliable, patients should check the website or app URL linked to the QR code or use a reliable QR code scanner app. 

Additionally, patients must only scan QR codes from reputable websites and applications, such as the printed materials, website, or app of their healthcare practitioner. Patients shouldn't scan a QR code if it seems sketchy or is from an unknown source. 

Finally, patients should exercise caution when sharing sensitive information via a QR code, such as their medical history or insurance details. They should only provide this information to reputable healthcare practitioners who can vouch for its secure and encrypted transmission.