Over the last few weeks, a new phishing campaign targeting e-banking users in Germany has been in progress, using QR codes as part of its credential-stealing process.
As explained by BleepingComputer, the cybercriminals behind this phishing campaign employ a variety of techniques to get past security measures and persuade their victims to read the emails and follow the instructions.
Cofense security experts sampled many of these messages and meticulously detailed the attackers’ methods in their analysis.
More About the Phishing Campaign
According to the researchers, the messages have been carefully crafted, with financial institution logos, well-structured information, and a generally consistent style.
The phishing emails’ subjects range from requesting the user’s approval regarding the bank’s data policy modifications to asking that they review new security measures.
This method demonstrates thorough planning, as the cybercriminals do not make the usual exaggerated claims of account exposure and do not inform the victim of a potential crisis.
As explained by BleepingComputer, when the targets click on the embedded button, they land on the phishing website after navigating through Google’s feed proxy service ‘FeedBurner.’
Furthermore, the attackers register their custom domains, which are utilized for both the re-directions