How Hackers Exploit QR Codes to Steal Credentials from Mobile Devices

Emma Okonji

Sophos, a global leader of innovative security solutions for defeating cyberattacks, has released the results of Sophos X-Ops research, which revealed how threat actors email fraudulent QR codes to bypass phishing security measures and steal company credentials.

According to the report, the fraudulent QR code, embedded in a PDF document attached to an email, takes the form of a message about payroll, employee benefits, or other forms of official paperwork a business might send to an employee. Because QR codes are not readable by computers, the employee must scan the QR code using their mobile phone.

The QR code links to a phishing page, which the employee may not recognise as malicious since phones are less protected than computers. The goal of the attackers is to capture employees’ passwords and their multi-factor authentication (MFA) tokens in order to access a company’s system by bypassing the security measures in place.

Giving details of the new threat from hackers, Principal Researcher at Sophos X-Ops, Andrew Brandt, said: “We spent a considerable amount of time sifting through all the spam samples we had to find examples of ‘quishing’. Our research has revealed that attacks that exploit this specific threat vector are intensifying, both in terms of volume and sophistication, especially when it comes to the appearance of the PDF document.” 

Beyond the social engineering tactics and the quality of the emails, attachments and QR code graphics, these attacks also seem to be growing more organised. Indeed, some malicious actors now offer as-a-service tools to run phishing campaigns using fraudulent QR codes. In addition to features such as CAPTCHA bypasses or the generation of IP address proxies to bypass automated threat detection, these criminal organisations provide a sophisticated phishing platform that can capture the credentials or MFA tokens of targeted individuals, the report further said.

The report therefore advised organisations to be vigilant about internal emails on HR topics, salaries or company benefits, as Sophos X-Ops’ research has found that social engineering tricks exploit these themes to get employees to scan fraudulent QR codes from their mobile devices.
