JawaPos.com – Currently, there are more and more cases where users receive emails that appear to come from large companies (for example, Microsoft or the Office 365 cloud service) containing QR codes. But unfortunately, the contents of this email contain suspicious invitations such as “scan the QR code to access your account” and various other invitation sentences.
According to Kaspersky, a typical email of this kind contains a notification saying that your account password will soon expire, after which you will lose access to the email, so the password will have to be changed and it will be necessary to scan the QR code in the email and follow the instructions.
Another email might warn the recipient that “the authenticator session expired today.” To avoid this, users are advised to “immediately scan the QR Code below with your smartphone to reauthenticate your password security.” Otherwise, access to the mailbox may be lost.
If it comes from an unknown source, according to Kaspersky, it’s likely the sender is trying to trick unwary users. They may also hope that the recipient is familiar with authenticator applications that use QR codes.
So, what happens if you scan a QR code in an email? The link in the QR code will take you to a pretty convincing replica of the Microsoft login page.
Scanning the QR code will also take you to phishing sites that steal entered credentials.
An interesting detail is that some of the phishing links in the QR code lead to IPFS resources. IPFS (InterPlanetary File System) is a communication protocol for file sharing that has many similarities to torrenting. It allows you to publish any file on the internet without domain registration, hosting or other complications.
In other words, the phishing page is located directly on the phisher’s computer and can be accessed via a link through a special IPFS gateway. Phishers use the IPFS protocol because it is easier to publish and more difficult to remove phishing pages than blocking “regular” malicious websites.
This way, the link will last longer. ”There is no legitimate authentication system that recommends scanning a QR code as your only option. “Therefore, if you receive an email asking to, say, confirm something, or log into an account, or reset a password, or perform a similar action, and this email only contains a QR code, you are probably dealing with a scam,” Roman commented Dedenok, security expert at Kaspersky.
2024-01-09 04:05:00
#Prevent #Phishing #Carefully #Scan #Codes #Included #Unknown #Emails #Jawa #Pos
