Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Scammers are using a pair of novel tactics to help avoid detection when deploying quishing – QR phishing – campaigns.
Threat analysts at cyber security firm Barracuda have observed scammers taking advantage of two “innovative” techniques to evade detection when rolling out QR-powered phishing campaigns.
Quishing is a form of phishing that uses malicious QR codes to redirect victims to fake websites in order to steal credentials or personal information.
The two techniques, known as nesting and splitting, respectively, involved altering the malicious QR code in some way in order to confuse email detection systems while still luring victims. Each technique is being employed in a particular phishing-as-a-service toolkit, available to anyone who can afford the fee.
The Gabagool PHaaS kit used the split QR code technique in a recent Microsoft ‘password reset’ scam. This technique splits the QR code into two halves and places them close enough together that the human eye doesn’t even notice it, and so that email security solutions register the code as a pair of benign QR codes. However, when scanned, it takes victims to a malicious website.
The Tycoon toolkit, on the other hand, uses nested QR codes. This technique effectively wraps malicious code around a legitimate one, making it harder for security solutions to catch because of the ambiguity introduced by the nested codes.
“Malicious QR codes are popular with attackers because they look legitimate and can bypass traditional security measures such as email filters and link scanners,” Saravan Mohankumar, Manager of the Threat Analysis team at Barracuda, said in a recent statement.
“Since recipients often have to switch to a mobile device to scan the code, it can take users out of the company security perimeter and away from protection. Attackers will keep trying new techniques to stay one step ahead of adapting security measures. It’s an area where integrated, AI-powered protection can really make a difference.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
