This post is also available in: heעברית (Hebrew)

Recent reports suggest that a phishing campaign, which has been active for a while, has used QR coded to target Mandarin language users to steal their information. The cyber criminals would redirect users to a phishing site, luring them to provide their personal information.

The campaign would start with a simple email containing a Microsoft Word document. The email attempts to spoof the Chinese Ministry of Finance. Translated to English, the email subject in reads: “Re: Notice on the application for personal labor subsidies in 2022”. The body states, “Please click on the attachment to view the notification of the Ministry of Finance’s application for personal labor subsidies in the fourth quarter of 2022!”.

The attachment would then display a large QR code sending them to a seemly credible government website, which would then ask for the user’s credentials.

Threat actors and criminals find credentials to be a valuable resource as they can gain direct access to a victim’s applications or environment. These credentials may be used directly by the attacker or sold to another group for their operations. This particular phishing campaign highlights the fact that attackers are making a significant effort to make their landing pages appear realistic and to convince victims to lower their defenses.

Prepared to dive into the world of futuristic technology? Attend INNOTECH 2023, the international convention and exhibition for cyber, HLS and innovation at Expo, Tel Aviv, on March 29th-30th

Interested in sponsoring / a display booth at the 2023 INNOTECH exhibition? Click here for details!