Seasoned hackers use phishing emails and QR Codes to trick Internet users. Thanks to calibrated fake emails, hackers seek to seize the bank details of their targets without their knowledge.
According to Cofense IT security researchers, a new phishing campaign targets internet users residing in Germany. The hackers behind the attack seek to seize the bank details of customers of two German popular banks.
The attack begins with an email sent to the victims. The email is a pretext, in particular the “Request for consent to changes implemented by the bank” or new security procedures to lull the vigilance of Internet users. These emails are carefully drafted. There are no spelling or syntax errors.
On the same theme: Be careful with phishing, do not click on these fake emails from the gendarmerie!
Hackers Trick Users With QR Codes
All emails contain a link or a QR Code relaying to a phishing site. After investigation, the researchers found that some phishing emails hide a QR Code rather than a traditional link. “Attackers include QR codes which, when scanned, lead the user to one of these new malicious domains in an attempt to lure mobile banking users”, explains the Cofense report.
Hackers mainly target people who have their bank’s mobile application. Cybercriminals are attacking more and more users of a smartphone, which is less likely to be protected by an antivirus than the user who consults his emails on a computer.
QR Codes offer several advantages for pirates. First of all, the absence of a URL does not allow users to spot an anomaly upon receipt of the email. In addition, many cybersecurity software does not work with QR Codes, the researchers note. As a study by MobileIron, an American company specializing in the development of authentication software, points out, QR Codes have become a danger for smartphones as their use has become widespread since the Covid crisis.
Unsurprisingly, the hackers have taken the interface design of the official websites of the targeted banks to the letter. These dummy sites will claim thebank details of users (passwords, usernames, account number…). This is where hackers get what they want: access to their targets’ bank accounts.