Phishing attacks using QR codes targeting major energy companies

Security firm Cofense warns that phishing attacks using QR codes are being targeted at major energy companies. According to the survey, about 29% of the over 1000 emails contained malicious QR codes.

Major Energy Company Targeted in Large QR Code Campaign

According to Cofense, the email is disguised as a security notice from Microsoft, with PNG and PDF files attached, asking the target to scan a QR code.

The number of phishing attacks using QR codes has increased by 2400% since May 2023, with an average monthly growth rate of more than 270%.

Since QR codes are supposed to be read by mobile devices such as smartphones, they have never been used in large-scale attack operations.

For this reason, Cofense points out that this attack operation may be a test for threat actors to explore 'whether it is effective to use QR codes for attacks.'

According to Cofense, the following email was used in the attack. The QR code is processed by Cofense so that it cannot be recognized.

Among the URLs read by scanning the QR code, in the case of Bing's redirect URL, the phishing link encoded in Base64 and the victim's email address were included as parameters. It seems that Bing was used in 26% of attacks.

In addition, energy companies were overwhelmingly the targets of attacks, followed by manufacturing, insurance, and technology companies.

Cofense advises keeping your account and business safe by avoiding scanning QR codes on incoming emails.