A NEW PHISH JUST DROPPED!

Americo L.

Digital Security Leader, NZ Permanent Resident

Published Sep 16, 2024

So today while I was checking my personal e-mail I came across this one e-mail in particular that was all in Japanese, I was just going to dismiss it as spam, as it most likely is but I noticed a QR code.

Just yesterday NZ Police were warning about QR codes being left in "surprise" packages and when you scan them to find out who sent them. Except what really happened is that the QR code was malicious, and all your financial data is stolen from your phone.

So now we have a cool new hybrid, a spam email with a QR code

The QR code drops you here:

hxxps://translate(.)google(.)com/translate?sl=auto&tl=ja&hl=ja&u=hxxps://blue-mouse-4eb8.yohhzgs(.)workers(.)dev/&client=webapp

Then the redirect sends you here:

hxxps://8gbtrhtrh(.)duckdns(.)org/app/signin/openid/pape/error

Duck DNS is a free dynamic DNS service that allows users to push domain names to any IP so as static IPs get blocked the names can be moved around,

So let your users be aware of this.

As always it is probably best not to just trust any QR code form an unverified source.

A NEW PHISH JUST DROPPED!

Americo L.

Digital Security Leader, NZ Permanent Resident

More articles by this author

Insights from the community

Others also viewed

You’ve Got Mail

MCMC bans SMS with hyperlinks, callback numbers, and personal info requests from Sept 1

Addressing the Unaddressable

Is the IP address unique?

How to determine the class of an IP address

Again, and again, and again...

Email hacked - please delete dodgy message received from my account!

Resolving Vilification: Day 2 What Symptoms & Impacts Arise from Experiencing Vilification?

Countdown before passwords collapse

Turn on E-mail Encryption for Sensitive Messages

Explore topics

AI Interviewers, More Vulnerability than Convenience.

Oct 2, 2024

Who at HP thought this was a good idea?

Oct 2, 2017