A major energy organization in the US has been targeted in a phishing attack that utilizes QR codes to deliver malicious emails. The attack specifically focuses on the energy company, with a significant portion of the phishing emails directed towards them. Other industries, such as manufacturing, insurance, technology, and financial services, have also been targeted to a lesser extent. This campaign marks the first widespread use of QR codes in phishing attacks, suggesting that more attackers may adopt this technique in the future. By embedding QR codes in images, the threat actors can bypass email security tools and redirect victims to a phishing page disguised as a Microsoft 365 update. While QR codes have been used in smaller phishing campaigns before, their usage is increasing, leading to warnings from organizations like the FBI. Despite their effectiveness, QR codes still require user interaction, and trained personnel and protective measures can help mitigate the risks.
| Signal | Change | 10y horizon | Driving force |
|---|---|---|---|
| QR code phishing attack targeting energy company | Increased use of QR codes in phishing attacks | QR codes used more frequently in phishing attacks | Cybercriminals testing effectiveness of QR codes as attack vector |