The number of image-based phishing attacks in which attackers manipulate QR code has increased significantly.
That’s according to secure email provider Inky. According to researchers, with the rise of the QR code, the number of image-based phishing attacks has increased sharply, especially since 2022. According to Inky, it is because in the past year the QR code, especially as a marketing tool, has experienced its breakthrough worldwide.
Image-based phishing is a method in which an image, such as a QR code, is added in a phishing email. Most e-mail clients show this image immediately, as it is not sent as an attachment. Since there is no (phishing) text and no URLs to open, victims assume it is safe to open the email.
The image or QR code aims to bypass common email security solutions in this way and thus still do the malicious work. For example, by installing viruses or data theft software.
QR code and phishing practice
Inky found that the use of image-based phishing with QR codes has some similarities. Employees are often asked to scan the malicious QR code with their smartphones. Often, this involves imitating a Microsoft-related QR code and the email appears to come from their own company.
After scanning, employees are asked to perform certain account actions. These include setting up 2FA configuration, confirming an account or changing a password. If they fail to do so, problems or repercussions await them, according to the email specialist.
Inky also shares best practices for preventing QR phishing. Among other things, employees should use different forms of communication to confirm new tasks, carefully study the sender of emails, avoid scanning QR codes from unknown sources, and be careful when providing personal and financial information on a site they reach through a QR code.