Phishing: More QR Codes in Malicious Emails
Phishing emails purportedly from HR departments attract the most responses from employees.
KnowBe4’s phishing tests reveal that perpetrators are constantly evolving their tactics and adapting to current market trends. Phishing emails with authentic and credible-looking subject lines are particularly successful. One in three users tends to click on suspicious links or comply with fraudulent requests.
QR Codes in Phishing Emails
Over the past year, email topics related to HR have become increasingly popular among cybercriminals as a phishing tactic, especially those concerning dress code changes, training notices, vacations, and more. These themes are effective because they can prompt a person to respond before logically considering the email’s legitimacy. Additionally, they have the potential to impact an employee’s personal life and professional routine.
QR codes in phishing emails are a growing problem. Cybercriminals are attempting to obtain sensitive information or steal money from unsuspecting employees and companies. Common email topics that prompt employees to scan QR codes include MFA migrations, HR reminders, and password expiration notifications. Additionally, the data shows an ongoing trend of cybercriminals exploiting IT and online service notifications, as well as tax-related topics, to lure victims into their phishing schemes.