Be careful, hackers use QR codes to steal money from your bank account
Experienced hackers use phishing emails and QR codes to trick internet users. Using calibrated fake emails, hackers seek to grab their targets’ banking details without their knowledge.
According to computer security researchers Cofense, a new phishing campaign is targeting Internet users based in Germany. The hackers behind the attack are seeking to steal the banking details of customers of two popular German banks.
The attack starts with an email to the victims. The pretext of the email is in particular “requesting approval for changes implemented by the bank” or new security measures to calm the vigilance of Internet users. These emails are carefully worded. There are no spelling or grammatical errors.
Hackers trick users with QR codes
All of the emails contained a link or QR code that led to a phishing site. After investigating, the researchers discovered that some of the phishing emails were hiding a QR code instead of a traditional link. “The attackers included QR codes that, when scanned, lead the user to one of these new malicious domains with the aim of luring mobile banking users,” the Cofense report explains.
Hackers are primarily targeting people who have their bank’s mobile apps. Cybercriminals are attacking an increasing number of smartphone users, who are less likely to be protected by an antivirus than a user who consults their emails on a computer.
QR codes offer several advantages to hackers. First of all, the lack of a URL does not allow users to detect the anomaly when receiving the email. Additionally, researchers have noted that many cybersecurity software does not work with QR codes. A study by MobileIron, an American company specializing in developing authentication software, suggests that QR codes have become a risk for smartphones as their use has become widespread since the Covid crisis.
Unsurprisingly, the hackers took the interface design of the targeted banks’ official websites literally. These fake websites would ask for users’ banking details (passwords, usernames, account number, etc.). This is where the hackers got what they wanted: access to their targets’ bank accounts.