Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Phishing Attacks Use QR Codes to Steal Banking Credentials

Phishing Attacks Use QR Codes to Steal Banking Credentials

A new phishing campaign that targets German e-banking users has been underway in the last couple of weeks, involving QR codes in the credential-snatching process.

The actors are using a range of tricks to bypass security solutions and convince their targets to open the messages and follow the instructions.

The relevant report comes from researchers at Cofense, who sampled several of these messages and mapped the actors’ tactics in detail.

Also Read: 3 Easy Ways for Hard Disk Recycling Protecting Businesses

A clean delivery

The phishing emails are carefully crafted, featuring bank logos, well-structured content, and a generally coherent style.

Their topics vary, from asking the user to consent to data policy changes implemented by the bank or requesting them to review new security procedures.

Phishing email impersonating a German bank
Phishing email impersonating a German bank
Source: Cofense

This approach is a sign of careful planning, where the actors aren’t making the typical overblown claims of account compromise and don’t present the user with an urgent situation.

If the embedded button is clicked, the victim arrives at the phishing site after passing through Google’s feed proxy service ‘FeedBurner.’

Also Read:

Button leading to a re-direction through FeedBurner
Button leading to a re-direction through FeedBurner
Source: Cofense

Additionally, the actors register their own custom domains that are used for these re-directions as well as for the phishing sites themselves.

This extra step aims to trick email and internet security solutions into not raising any flags during the phishing process.

The domains are newly registered sites on the REG.RU Russian registrar and follow a standard URL structure depending on the targeted bank.

Scan this QR code to give us your credentials

In the most recent phishing campaigns, the threat actors use QR codes instead of buttons to take victims to phishing sites.

These emails do not contain clear-text URLs and are instead obfuscated through the QR codes, making it hard for security software to detect them.

Email with QR code leading to phishing site
Email with QR code leading to phishing site
Source: Cofense

QR codes have increased effectiveness as they are targeting mobile users, who are less likely to be protected by internet security tools.

Once the victim arrives on the phishing site, they are requested to enter their bank location, code, user name, and PIN.

Login page on phishing site
Login page on phishing site
Source: Cofense

If these details are entered on the phishing page, the user waits for validation and then is prompted to enter their credentials again due to them being incorrect.

Verification screen on phishing site
Verification screen on phishing site
Source: Cofense

This repetition is a common quality tactic in phishing campaigns to eliminate typos when the user enters their credentials the first time.

No matter how legitimate an email may look, you should avoid clicking on buttons, URLs, or even QR codes that will take you to an external site.

Whenever you are requested to enter your account credentials, always remember to first validate the domain you are on before you start typing.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us