Attackers Are Using QR codes As a Weapon to Steal Employees Microsoft Credentials

A massive QR code phishing campaign targeting Microsoft credentials across several businesses has recently been uncovered, as stated in a recent discovery.

Importantly, a significant US-based energy corporation is at the center of this attack, underlining the significance of strong security procedures to counter growing threats. 

The rise of QR code phishing

A phishing detection business called Cofense has been monitoring a sophisticated phishing operation that uses QR codes to trick people into giving up their Microsoft login credentials since May 2023. 

A significant US energy firm, which received approximately 29% of the more than 1,000 fraudulent QR code emails noticed, is the campaign's most notable victim. 

Manufacturing, insurance, technology, and financial services are among the sectors that are impacted.

They account for 15%, 9%, 7%, and 6% of campaign traffic, respectively. 

These QR codes are actually phishing sites or redirections that pretend to be Microsoft security alerts.

Uncover the QR code campaign

QR code image sample

Sending emails with PNG or PDF files that ask people to scan QR codes is the campaign's tactic. 

Because the phishing link is hidden within the QR image, it is more likely to reach inboxes than standard phishing links. 

Then, this image is included as an attachment, frequently as a PNG or PDF file. 

This covert delivery technique seeks to get past security measures and take advantage of user interest.

Implications for businesses

The seriousness of the threat is highlighted by the campaign's focus on a significant energy business. 

The campaign's astonishing growth rate, with an average month-to-month increase of more than 270%, is a concerning trend. 

Bing redirect URLs are used frequently in the campaign, taking advantage of the authority of this Microsoft-owned website. 

Read more: Launch of QR Code Smart Digital Business Cards by Syncredible