New research released by Check Point Software Technologies reveals typical QR code attacks, with 20,000 incidents of QR code phishing and malware attacks uncovered in two weeks through Check Point's real-time cyber threat map, highlighting the vulnerability of QR codes to cybercriminals.
QR code is:"quick response code"The abbreviation of (Quick Response Code) is a kind of matrix barcode developed by the Japanese company Denso W**E in 1994. QR codes can store a lot of data, including information such as text, links, numbers, and more. Compared to traditional barcodes, QR codes have a higher data capacity and faster scanning speed. Compared to China, it is often used by everyone for us to enter the era of Internet finance, scanning *** has become a means of daily payment.
In the attack, the user is redirected to a credential theft page, adjusting the redirect chain based on the user's device, with the goal of installing malware and stealing credentials. Check Point's real-time cyber threat map uncovered 20,000 attacks in two weeks, highlighting the vulnerability of the cybercrime sector.
hackread.Check Point Research has previously reported that Check Point Research noted a 587% spike in phishing attacks between August and September 2023. This can be attributed to the lack of protection in email security solutions as well as the widespread use of scanning.
Security vendors strive to develop new protections, but threat actors respond with new variants of attacks. Recently, Bitdefender has observed an increase in YouTube streamjacking campaigns using deepfakes** for cryptocurrency theft. YouTube streamjacking is a criminal practice in which criminals steal accounts through live pop-ups,** and malicious links.
In October 2023, Slashnext reported an increase in ***-based phishing attacks using quishing and qrljacking. Quishing involves spreading malicious links on various platforms to redirect users to phishing or malware.
This is because there are multiple layers of obfuscation, including the *** itself, a blind redirect to another domain, and a reverse engineering protection load. These layers can be used to redirect users to suspicious activities or fake login pages, while hackers can increase their success rate by using conditional redirects.
Attackers send *** with conditional redirects utilizing social engineering techniques and BEC 30。Researchers at Check Point provide multiple examples of such phishing attempts. For example, in one of the cases, the user is asked to get an annual contribution statement by scanning ***.
** with conditional target points based on browser, device, screen size, etc.", Check Point Research is in the hackreadcom noted in the report.
The user's device type affects the display of the link, for example a Mac user sees one link while an Android user sees another. However, the result is the same. However, these attacks highlight the compelling nature of phishing attempts and the importance of multi-layered cybersecurity in preventing the consequences of such attacks.
Usually, if the first redirect is clean, the default security policy is automatically released. However, a complete security solution can prevent these attacks by blocking multiple security policies. This includes email security, browser security, mobile security, anti-malware, and post-delivery security. These security policies work together to block suspicious behavior, inspect for and decode attacks.
But these attacks are difficult to detect or prevent, there are multiple layers of obfuscation, and security professionals need AI-based security, the ability to decode attacks, and multiple layers of protection.
The IP can determine and analyze network activities, and in the case of an attack, these functions can help track the attacker's activity path and alert high-risk IPs, so as to strengthen the ability to respond to attacks. By implementing these best practices, security professionals can go a long way toward protecting against phishing attacks and protecting their systems.
References: