Phishing: A New Trend - Plywooding QR Codes in Public Places

Good day, by
this post I want to warn the Russian-speaking community about a new phishing trend, which is moving with leaps and bounds across Europe. Currently covered Germany. I think at such a pace very quickly get to Russia and the CIS.

The point is that the QR code on the poster at the airport, on the doctor’s brochure, or on the information sticker in the bank, for example, is carefully glued to another, which leads to the malicious page of the fisher, respectively. Sometimes it is even cut out and glued in a new one, for example, from inside the bank, on a poster behind glass on the outer wall or the front door. Outside, such plywood is practically not visible under the glass and there is no doubt that the QR code belongs to the bank.

Even people who are serious about the security of their data, for example, checking URLs in browsers before paying with PayPal, etc. fall into such a trick. This is due to the high level of trust in information hanging, for example, inside a large bank.

From my acquaintances, we already have two cases:
- One took away and changed all the passwords stored in the phone’s browser, after visiting the website advertising the film, with a QR code taken at Frankfurt Airport. Upon arrival in Hamburg could no longer go nowhere; (UPD) Details in the comment ...
- A friend of my second zakomoy covered more seriously. He, seeing a “sale” of a new version of StarMoney at a bank at a discount (aka Home Banking, a popular banking program in Germany), decided to buy it by phone - QR from a poster, etc. The result is the password removed by PayPal and a certain amount of funds debited by PayPal from the account.
By the way, everything could end for him much worse - StarMoney is distributed by the download-ohm. Those. they could send him the left URL to the StarMoney Trojan at all - then a white fur-bearing animal would come to all his accounts in general.

So be vigilant and be sure to tell your household!