QR codes are very handy. They are everywhere these days. You can use your mobile phone to do a quick scan to do online ordering, pick up details about a product, even initiate certain payments using a QR code.
This week’s scam is a new twist on our old favourite, the sextortion scam. QR codes are now another way that phishers can get at data, capture login credentials, and take payment for sextortion.
What Does the QR Code Sextortion Email Look Like?
The sextortion email came in on my business email account displaying in the “about” field an actual password that I have used in the past. This is possible because both this email address and password were lost in a data breach at some point. As data breaches increase year-on-year, this situation is becoming more common – the display of an actual password adding weight to the claims in the email.
The claims in the email are the usual you see with a sextortion ransom email. The scammer claims to have (apparently) infected my machine with keylogger malware. This then allowed the fraudster to use remote access to switch on my computer camera to ‘catch me in the act’ watching a porn site.
The scam is all around a threat to share a video taken of me watching porn, which will be shared with my contact list stolen from my email account if I don’t cough up the ransom money.
I laughed, but it isn’t funny if you are tricked by this type of extortion. Around 1 in 10 phishing emails are sextortion. This means that they must have a degree of success or the fraudster would drop this method and move onto another scam type.
The QR code, in this scenario, contained the bitcoin wallet address to transfer the $1697 worth of bitcoins demanded by the fraudster. They even gave me a friendly hint about Googling how to transfer bitcoins if I wasn’t sure how to do it.
Why Use a QR Code in a Phishing Email?
The reason a QR code is being used in sextortion phishing scams is because QR codes evade detection by URL checking tools. Again, this shows the importance of using security awareness training as well as technological measures to prevent cyber-attacks.
– Watch our free taster sketch “Phishing Emails in Real life” from our hilarious Sketches security awareness training series
Other QR Code Scams
QR codes are being used in other types of phishing scams too, including:
- A parking scam that tricks a person into scanning a QR code using a banking app – the result, lost banking credentials.
- A QR code to open an important document received in an email – a QR code scan takes the user to a phishing website that steals login credentials.
Cybercriminals up their game continuously, they are nothing if not inventive. We can only fight fire with fire. Using employees who are trained to spot these types of scams is vital in the fight against cybercrime.
Why not help your colleagues stay safe and send them this little reminder. Feel free to edit, copy/paste the advice below:
The QR Code Sextortion Scam
An email that states that you have been videoed looking at a porn site is a sextortion scam. The email contains a threat that the video will be shared with your email contact list unless you pay a large sum of money in bitcoins. A QR code is provided in the email to help collect the ransom.
IGNORE THE EMAIL AND DO NOT SCAN THE QR CODE
For more information on what to do if you receive a phishing email check out “What to Do if You Click on a Phishing Link?”
Don’t forget to share this with your colleagues and friends and help them stay safe.
Let’s keeping breaking scams!
Subscribe to the Proofpoint Blog