Apply

Security Advisory

QR Code Phishing

Threat Level: Medium
Threat Type: PhishingAdvisory
Date: 10/16/2023

Description

The University has been receiving QR Code Phishing attempts. This attack uses a technique referred to as ‘Quishing’. The observed activity consists of actors sending malicious links embedded in QR Codes attached to legitimate looking emails claiming to be from trusted sources. For example, we have seen malicious emails masquerading as Microsoft 2FA security requests.

When the malicious QR Code is scanned by a device, it will lead potential victims to a legitimate looking, yet malicious website requesting the employee’s username and password, most commonly for their Microsoft account. These malicious emails create a false sense of urgency to encourage users to submit their credentials quickly, potentially enabling malicious actors to perform further actions such as data theft, system damage, or unauthorized access to your device.

Example Email:

From: "Uregina |Support" <Unknown@BadGuy.net>
To: Regina.User@uregina.ca
Subject: Authentication Required For URegina User

Impact

  • This style of phishing attack can be successful because it's often mistaken for a legitimate email.

Resolution

If you are concerned about the security of your account after receiving a phishing message, you can take the following actions:

  • Change your password. https://novapp.cc.uregina.ca/perl/chpass.pl
  • Choose a password that is:
    • Completely different than your previous password.
    • Not used anywhere else.
    • Does not contain your previous password.
  • Check your account for email forwarding and mailbox rules.

Resources

Please contact the IS Service Desk, if you have any questions or require assistance:
Email Service.Desk@uregina.ca
Phone 306-585-4685
Webform https://www.uregina.ca/is/forms/ticket.htmlIn person at ED 137 or Archer Library Commons

External links