Phishing Security Controls Fully Bypassed Using QR Codes

Researchers discovered a new phishing campaign that abuses QR codes to redirect targets to phishing landing pages, effectively circumventing security solutions and controls designed to stop such attacks in their tracks. The phishing emails were camouflage as a SharePoint email with a “Review Important Document” subject line and a message body which would invite potential victims “Scan Bar Code To View Document.” Phishing landing page on mobile “Though the user may now be using their personal device to access the phish, they are still in the ‘corporate’ mindset as the original email was received at their business email address,” as Cofense further highlights. “Therefore, it is highly likely that the victim would input their corporate account credentials to attempt to access this ‘document’.” The QR code-powered phishing emails successfully reached the inboxes of Cofense customers in corporate environments where Symantec Messaging Gateway was running, with the messages being tagged as “Not spam” by the security solution.