SCAM ALERT! – QR Codes – Its Called QRishing or Quishing

Published On November 1, 2021 | By Tom Huskerson | News and Analysis

Online scam artists have found a new trick to steal your data. These clever jerks are seizing on the use of quick response or QR codes that have become common in restaurants during the pandemic. Now scammers are using them to try to steal user’s Microsoft credentials and other data.

Abnormal, an email security company, uncovered a campaign that used compromised email accounts in order to bypass standard security screening. The emails then targeted nearly 200 email accounts between Sept. 15th and Oct. 13th of this year. Phishing is nothing new but the continued innovation of cyber criminals is reflected in the latest example of QR code-enabled phishing aptly named “QRishing” or “Quishing” that goes back as far as 2012. Warnings issued by the Better Business Bureau alerted the public of QR code scams this summer. The Army Criminal Investigation Command’s Major Cybercrime Unit also warned of potential problems in March.

Hackers are smart and quick thinking. An earlier version of the attack contained an embedded a malicious link behind what looked like a voicemail .WAV file. As soon as that link was flagged by security screening services the hackers quickly switched to a QR code to redirect a victim to a credential harvesting page. The hackers behind the campaign have not been identified.

The message accompanying the QR code instructs the victim to scan it to “enable you to listen to encrypted voicemail.” That then led to a fake Microsoft landing page that prompted the victim to enter their email and password in order to play the message. And just like that the hacker has the user name and password to your Microsoft account.

QR codes have become a useful tool that enables contact free ordering at restaurants. Most recently QR codes have been used to verify vaccine status allowing entry to venues in the COVID-19 era.

But the reality is this scam is as standard as they come. It relies on the victim clicking or downloading something they shouldn’t from someone they don’t know. Why would you click on “encrypted voice mail” in the first place?

But Rachelle Chouinard, a threat intelligence analyst at Abnormal, pointed out that the QR scam is a bit clumsy and convoluted. It requires the victim to open the email on their computer, then use their phone’s camera to scan the QR code taking them to the fake Microsoft login page to steal a user’s credentials. “Does this actor expect them to go back and open it on their computer? Or send the email to the printer? Use another phone? At what point does the victim begin to suspect a scam?” Chouinard wrote.

The next step where the scam stumbles is that the email and credential harvesting page use the English language, but the reCAPTCHA is in German, a potential alarm that something is amiss.

See also;

Smartphone Users Should Stay Safe From Qrishing Scams






Like this Article? Share it!

About The Author

Tom Huskerson Bio Born in Richmond Virginia Tom Huskerson is a military veteran who settled in California after his discharge. Tom attended Santa Barbara City College where he began his writing career as a campus reporter. He worked as an intern news reporter for the Santa Barbara News-Press writing feature stories before moving on to San Francisco. At San Francisco State University Tom studied broadcast communications and began to focus on the Internet. He completed his graduate thesis on Internet advertising. Tom was the first student to ever focus on the Internet as a graduate student at San Francisco State University. After graduation he went to work for Zona Research in California’s Silicone Valley. As a research associate Tom supported senior analyst writing on the latest developments in the Internet industry. During the dot com boom Tom worked for several web businesses as a market researcher and analyst. As a writer and researcher Tom has authored various technical works including a training program for Charles Schwab security. Other projects included professional presentations on workplace violence and hiring security contractors. Tom has also written both fiction and non-fiction works and blogging for a travel website. He has published two books of short stories and completed two novels. Tom is the owner of Scribe of Life Literature and Tom is not the chief editor for the OnTechStreet. com. A news and information blog that focuses on tech news for African-Americans. The blog is the result of his desire to inform the African American community of the dangers and benefits of the cyber age. In his blog Tom reports on information security, new and analysis, scams and hoaxes, legal happenings and various topics that arise from the age of information. Tom believes that technology is a necessary tool for black people and they should know what is happening. Tom writes believing that techno speak is for the professional and that valuable information can be communicated using plain language. As a result he has embraced the motto, Less Tech, More Knowledge.

Comments are closed.