Researchers have discovered another phishing campaign that utilises QR codes in an attempt to exploit e-banks in Germany. The phishing emails typically target users and lure them into submitting their internet banking credentials.
Phishing Campaign Targeting Germany Banks
According to a recent post from Cofense, their researchers have observed a new phishing attack in the wild target bank users in Germany. The phishing emails, in this case, include QR codes to trick users into submitting their ebanking login credentials.
Briefly, the attack begins when a user receives an email impersonating a bank. Usually, the email body includes text in the German language, mentioning some policy changes or security updates from the bank. The emails also include phishing redirections which may either include compromised domains or custom domains and web pages created by the attackers. However, if the recipient appears to be from outside Germany, the redirections would work differently.
In some recent emails from this campaign, the attackers even use QR codes for redirections, potentially luring mobile users.
The phishing web page asks the user to submit bank information and login credentials. Nonetheless, proceeding to sign in will only give the user a failed login error message, ending the phishing attack. The user eventually ends up losing sensitive data to the adversary.
This isn’t the first case of using QR codes for phishing. Earlier, a similar phishing campaign surfaced online that used QR codes to evade detection. At that time, the attackers aimed at stealing users’ email login credentials.
Stay Wary Of Phishing
No matter the target, the aim of such attacks remains to steal data from the users, especially login credentials. This is because these two things – username and password – are the key to gaining access to almost all of your data once an adversary gains access to the target account.
That’s what the users should stay wary of. Regardless of how legit an email appears or a phone call sounds, never submit your PINs, login details, banking information, social security numbers, and other personal stuff to strangers unless you can verify the legitimacy of the other party.
Besides, since holidays are just beginning, users should exercise extra caution to avoid such phishing attempts.