"Phishing Attacks Incorporate QR Codes to Help Evade URL Analysis"

Security researchers from Cofense discovered the use of QR codes in phishing attack campaigns to bypass URL analysis. Phishing emails have been disguised as SharePoint emails, which contain a QR code to be scanned by recipients in order to view an important document. The QR code redirects recipients to a malicious site where phishers can obtain their account login credentials for AOL, Microsoft, and more. This article continues to discuss the exploitation of QR codes in phishing attack campaigns to evade security controls. 

Security Intelligence reports "Phishing Attacks Incorporate QR Codes to Help Evade URL Analysis"