QR Code Scams on the Rise

Cybercriminals are continually looking for new ways to hack into your devices and gain access to your network and data. One of the more recent types of cyberattacks we’ve seen is QR code phishing. In this scheme, a cybercriminal will send you a malicious QR code that takes you to a website designed to steal sensitive personal information.

How does QR code phishing work?

QR code phishing schemes begin with a phishing email that includes an attachment with a malicious QR code. In the email, the recipient is prompted to scan the QR code to take some action designed to steal credentials or financial information.

In a recent attack on a U.S. energy firm, the malicious QR code asked recipients to update their Microsoft 365 account settings. The email also stated this action must be completed within three business days, adding a sense of urgency to the request.

What is unique about QR code phishing schemes is that the malicious QR code can bypass email security tools because the malicious link is embedded in an image. This makes these schemes more dangerous than traditional phishing campaigns and requires more education on the part of employers.

Best practices to protect your personal information from QR code phishing

To protect yourself and your business from malicious QR code scams, it’s important to stay vigilant and educate employees. The following tips are just a few best practices that we recommend.

• Only scan QR codes from trusted and known sources. If you have any doubt, do not scan it, as it may be a malicious QR code.
• Before following the email request, ask yourself if it makes sense. Is there a reason why Microsoft would be asking you to verify your account? If so, go directly to the Microsoft Authenticator app.
• Never download any unknown apps on your phone, tablet or computer – particularly your employer-issued devices. Bad actors can use apps to access personal information and infiltrate your network.
• Check the spelling of the sender’s email address and the URL provided in the email. Subtle spelling changes are just one way that cybercriminals can trick recipients into following their prompts.

At Atlas, we also recommend all our clients take a layered approach to cybersecurity to better protect from cyberattacks. These best practices include:

• Endpoint detection and response (EDR)
• Advanced threat detection (ATD)
• Advanced threat prevention (ATP)
• Virtual private networks (VPN)
• Multi-factor authentication (MFA)
• Email spam filtering
• Firewalls 

We also recommend advanced cybersecurity monitoring with Arctic Wolf.

Interested in enhancing your cybersecurity measures to protect against malicious QR codes?  Contact us today to learn more about our best practices to protect your personal information.