QR codes have less chance of being picked up by cybersecurity defences than links or attachments -- and cyber criminals are trying to exploit them.
Cyber criminals are sending out
phishing emails containing QR codes in a campaign designed to harvest login credentials for Microsoft 365 cloud applications.
Usernames and passwords for enterprise cloud services like Microsoft 365 are a
prime target for cyber criminals, who can exploit them to launch
malware or
ransomware attacks, or sell stolen login credentials onto other hackers to use for their own campaigns.
Cyber criminals are looking for sneaky new ways to dupe victims into clicking links to phishing websites designed to look like authentic Microsoft login pages, accidentally handing over their credentials.
