A new phishing campaign that targets German e-banking users has been underway in the last couple of weeks, involving QR codes in the credential-snatching process.
The actors are using a range of tricks to bypass security solutions and convince their targets to open the messages and follow the instructions.
The relevant report comes from researchers at Cofense, who sampled several of these messages and mapped the actors’ tactics in detail.
A clean delivery
The phishing emails are carefully crafted, featuring bank logos, well-structured content, and a generally coherent style.
Their topics vary, from asking the user to consent to data policy changes implemented by the bank or requesting them to review new security procedures.