Unnamed US Energy Company Targeted with QR code Phishing Campaign
Cybersecurity researchers uncovered a large phishing campaign using malicious QR codes with the hopes of acquiring Microsoft credentials at several targets, including a major U.S. energy company.
QR codes have become widely adopted since the onset of the COVID-19 pandemic, with thousands of restaurants and businesses replacing physical menus and guides with the machine-readable images that pull up webpages containing the same information. But hackers have been quick to exploit the trend, launching campaigns that spread fake QR codes to steal user information.
Cybersecurity firm Cofense released a new report on Wednesday identifying a campaign that began in May targeting a wide array of industries. The hackers sent thousands of emails containing malicious QR codes to companies, which took users to a Microsoft credential phishing page. The author of the report declined to name the energy company that was attacked but said that about 29% of the emails they tracked as part of the campaign were sent to the energy company.
May 20, 2023
No cost values disclosed.
Type of Malware