QR Code: HP spots rising wave of attack by hackers

A new HP survey has revealed an uptick in QR code phishing campaigns that trick users into scanning QR codes from their PCs using their mobile devices.

HP Inc. which released its latest quarterly HP Wolf Security Threat Insights Report, shows increasing diversification of attack methods being used by hackers.

According to the report, there has been a surge in QR code phishing campaigns that trick users into scanning QR codes from their PCs using their mobile devices, directing them to malicious websites asking for credit and debit card details.

The report reveals a 38% rise in malicious PDF attachments and a 20% increase in the popularity of archive files, such as ZIP, RAR, and IMG, which are being used by threat actors to run their payloads.

Since February 2022, when Microsoft began blocking macros in Office files by default, attackers have been forced to look for new ways to breach devices and steal data.

The HP Threat Research team, the tech company says, has identified the latest techniques being used by cybercriminals through the analysis of data from millions of endpoints running HP Wolf Security.

GSMA: Beyond 50% tariff increase, Nigeria ‘needs telecoms reforms’ to drive digital economy

Zamfara, Oracle ink deal to equip youth with future-ready digital skills

Tinubu launches child protection database to track violence, lift future of children

Minister: Nigeria tapping local tech to fuel economic growth

EFCC, TCTI launch digital skills to combat youth cybercrime in Nigeria

Nigeria eyes methanol fuel technology stakes to power green economy

Airtel Africa sees smartphone boom, data surge as Nigeria drives digital inclusion

Nigerian watchdog flags PWAN, Tofro.com as Ponzi threats as fraudulent investments surge

NIMC rolls out NINAuth to secure digital identity of Nigerians

Nigeria inks defence tech deal with China

Alex Holland, Senior Malware Analyst at HP Wolf Security, says that “when one door closes another opens – as shown by the rise in scan scams, malvertising, archives, and PDF malware.” He asked users to be vigilant when receiving emails or websites that ask to scan QR codes and to look out for PDF files linking to password-protected archives.

The report also found that organisations should deploy strong isolation to contain the most common attack vectors like email, web browsing, and downloads.

By combining this with credential protection solutions that warn or prevent users from entering sensitive details onto suspicious sites can greatly reduce the attack surface and improve an organisation’s security posture, HP says.

HP Wolf Security runs risky tasks like opening email attachments, downloading files, and clicking links in isolated micro-virtual machines (micro-VMs) to protect users, capturing detailed traces of attempted infections.