Evolution of Sophisticated Phishing Tactics: The QR Code Phenomenon
Essential information
- Published
- 01/04/2025 15:36
- Modified
- 01/04/2025 15:59
- Tags
- 2025-04-01 business email compromise credential harvesting human verification phishing qr code quishing social engineering url redirection
- Related entities
- 57 observables, 14 techniques (mitre), 6 others
Description
Since late 2024, attackers have employed new tactics in phishing documents containing QR codes. These include concealing final phishing destinations using legitimate websites' redirection mechanisms and adopting Cloudflare Turnstile for user verification. Some phishing sites specifically target credentials of particular victims. QR code phishing, or quishing, embeds phishing URLs into QR codes, enticing recipients to scan them with smartphones. This bypasses traditional security measures and targets personal devices. Attackers use URL redirection, exploit open redirects, and incorporate human verification within redirects to evade detection. The phishing operations typically involve redirection, human verification, and credential harvesting. These evolving tactics challenge both security detection mechanisms and user awareness.