Highlights:
- The campaign has grown 2,400% in size since May, with an average growth rate of almost 270% month over month.
- Most of the emails asked recipients to scan a QR code while posing as Microsoft security alerts with PNG or PDF attachments.
Following China’s lead, where they have largely replaced physical currency in daily transactions, QR codes are undoubtedly one of the most pervasive technologies of the third decade of the 21st century.
The benefit of scanning a QR code is well known, but the consequences of reading malicious QR codes are lesser known. That is the focus of a brand-new study released by security researchers at Cofense Inc., a phishing detection and response solutions provider.
The credentials of users from various businesses are targeted by a malicious QR code campaign, according to Cofense experts. The campaign has grown 2,400% in size since May, with an average growth rate of almost 270% month over month.
The most prominent target, a significant American energy corporation, was found to be receiving emails with malicious QR codes in 29% of all incoming emails. Manufacturing, insurance, technology, and financial services are among the highly targeted sectors.
Most emails asked recipients to scan a QR code while posing as Microsoft security alerts with PNG or PDF attachments. Any QR code scan, much alone one that is harmful, removes the user from the enterprise environment’s security.
The elaborate effort may suggest that the malicious actors are investigating the viability of QR codes as an attack vector, according to Cofense researchers, who note that they have not observed significant harmful campaigns using QR codes before.
“While QR codes do have legitimate reasons to be used, malicious actors also have reasons to use them as well. It is imperative that employees are trained not to scan QR codes in emails they receive, they add, as doing so will help ensure that accounts and businesses security remain safe,” warned Cofense researchers.