A new cybercriminal campaign targeting German e-banking users uses phishing with QR codes to obtain credentials. Cofense specialists warned about the new company.They write that phishing emails from criminals are carefully crafted, contain bank logos, structured content, and are generally well written.
The topics of such messages differ: the user may be asked to consent to the changed data processing policy, or hide behind a request for a review of security procedures.
When a victim clicks a button embedded in an email, he is taken to a phishing site by going through the Google FeedBurner feed proxy service. Hackers also register their own domains for these redirects. The researchers say this extra step is designed to trick security solutions into ignoring clicks on suspicious links and the links themselves. As a rule, such domains are recently registered at REG.RU and have a standard URL structure (depending on the target bank).
However, in recent phishing campaigns, cybercriminals have begun using QR codes instead of built-in buttons to redirect victims to phishing sites. In fact, such emails do not contain clear text URLs, making them even more difficult to detect. Experts also say that QR codes are more effective as they target mobile users who are less likely to be protected by antivirus software.
On the phishing site of the scammers, the user is asked to provide information such as the location of the bank, code, username and PIN. Then the victim waits for some time for verification, but soon she is prompted to enter her credentials again, as supposedly the first time something went wrong. This repetition is a common tactic among attackers, and is used to identify typos that the user may have made when entering credentials the first time.
Experts remind: no matter how legitimate the email looks, you should avoid clicking on any buttons, URLs, or even QR codes that will lead to some external site.
Let me remind you that we reported that Ukrainian cyberpolice neutralized one of the world’s largest phishing services.
User Review( votes)