Scammers are emailing waves of unsolicited QR codes, aiming to steal Microsoft users’ passwords
Email fraudsters are seizing on the attention around the quick response codes that have become more common in restaurants and stories, leveraging QR codes try to steal users’ Microsoft credentials and other data. The latest campaign, uncovered Tuesday by the email security company Abnormal, leveraged compromised email accounts in order to bypass standard security screening, then target nearly 200 email accounts between Sept. 15 and Oct. 13, 2021. The operation is the latest example of QR code-enabled phishing, with warnings about “QRishing” or “quishing” dating back to at least 2012. The Better Business Bureau warned of such scams this summer, and the Army Criminal Investigation Command’s Major Cybercrime Unit warned of potential problems in March. An earlier version of the effort unveiled Tuesday embedded a malicious link behind what looked like a voicemail .WAV file. When that link was flagged by security screening services, attackers then switched to a QR […]
The post Scammers are emailing waves of unsolicited QR codes, aiming to steal Microsoft users’ passwords appeared first on CyberScoop.