"Attackers place malicious QR codes in high-traffic areas, often disguised as legitimate promotional materials or utility services. Physical mail containing QR codes purporting to be from legitimate services, particularly effective for package delivery and financial service scams. While QR codes represent a small percentage, their unique evasion capabilities and growing adoption rates make them vectors with huge latent potential."
"It shifts the attack onto mobile devices, where traditional email and network defenses have limited visibility. This reflects a clear mobile-first attack strategy, with groups like Kimsuky exploiting trusted QR-code workflows to drive mobile-targeted phishing, or mishing. Once scanned, users are redirected to attacker-controlled pages with little opportunity for interception. The FBI is calling this out because it signals a broader shift toward quieter, socially engineered mobile attacks that evade perimeter-based security."
A North Korea–linked state-sponsored group, Kimsuky, is using malicious QR codes in spearphishing (quishing) campaigns targeting think-tank personnel. Attackers deploy malicious QR codes in high-traffic areas and physical mail, disguised as legitimate promotional materials or utility and delivery services. QR codes obfuscate destinations and shift attacks onto mobile devices, bypassing traditional email and network defenses and enabling mobile-targeted phishing (mishing). Scanning redirects users to attacker-controlled pages with little opportunity for interception, signaling a shift toward quieter, socially engineered mobile attacks that evade perimeter-based security. The FBI provides mitigation recommendations aimed at NGOs, think tanks, academia, and foreign-policy experts.
Read at Securitymagazine
Unable to calculate read time
Collection
[
|
...
]