He never intended for them to be so ubiquitous or used for payments. When Japanese engineer Masahiro Hara came up with the idea for QR codes back in 1994, he created them for use in automobile manufacturing to make it easier to keep track of car parts in factories. It’s worth noting that DHL actually requires payment for deliveries in advance which makes this another red flag.Īs making charges to the card after harvesting its details would be a dead giveaway, the cybercriminals behind this campaign are more likely planning to sell the payment data they’ve collected on the dark web at a later date. While this doesn’t raise any suspicions, the next page asks them to share their bank or credit card details to pay for the delivery. ![]() If a user does scan the QR code in the fake email from DHL, they’re taken to a website with small text and informed their package will arrive in 1-2 days but to receive it, they’ll need to enter their first name, last name and address. For instance, on mobile devices, URLs are not fully visible which makes them more difficult to inspect. As a result, the malicious site will open on a smaller screen where signs of phishing are harder to spot. Switching from a bigger screen to a smaller oneīesides bypassing email security solutions, this campaign also makes use of QR codes to make it easier to trick users once they arrive on the cybercriminals’ phishing page.Īccording to Kaspersky, the idea seems to be that a victim will open the phishing email on their computer and then switch to their smartphone to scan the QR code. However, many of them can’t yet scan for malicious QR codes which is why cybercriminals have begun using them more frequently in their schemes. ![]() All of the best email services automatically scan for malicious links in messages that can lead to phishing sites or malware.
0 Comments
Leave a Reply. |