{"id":44767,"date":"2022-07-01T09:19:12","date_gmt":"2022-07-01T13:19:12","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=44767"},"modified":"2022-07-01T09:19:12","modified_gmt":"2022-07-01T13:19:12","slug":"phishing-qr-code-attack-on-qq-users","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/phishing-qr-code-attack-on-qq-users\/44767\/","title":{"rendered":"Phishing QR-code attack on QQ users"},"content":{"rendered":"<p>Folks today are generally mostly aware that clicking links from questionable sources, for example in e-mails, isn\u2019t a good idea. However, when it comes to scanning QR codes, people are often much less vigilant. In fact, QR codes can be even more dangerous: while you can check a link with your own eyes before clicking, that\u2019s not the case with a QR code. So perhaps this story about a phishing QR-code attack in China shouldn\u2019t come as a surprise.<\/p>\n<h2>What happened?<\/h2>\n<p>The other day it was <a href=\"https:\/\/www.theregister.com\/2022\/06\/28\/tencent_qq_qr_code_attack\/\" target=\"_blank\" rel=\"nofollow noopener\">reported<\/a> that unknown cybercriminals distributed phishing QR codes offering free game logins, which they then used to hijack some accounts of the QQ messaging and social media platform.<\/p>\n<p>While largely unknown outside China, <a href=\"https:\/\/en.wikipedia.org\/wiki\/Tencent_QQ\" target=\"_blank\" rel=\"nofollow noopener\">QQ<\/a> is a HUGE deal there, with hundreds of millions active users. The platform provides all kinds of services, including chatting, watching movies, blogging, and gaming \u2014 the latter service being the relevant one in this case. It\u2019s developed by Chinese tech giant Tencent.<\/p>\n<p>Due to the regional specific, it\u2019s difficult to tell how exactly the attack began or how many accounts were stolen. However, the incident was large enough for Tencent to publicly apologize in a post on Sina Weibo \u2014 the Chinese version of Twitter.<\/p>\n<p>The mechanics of the attack are more or less clear. As mentioned above, attackers spread malicious QR codes offering free game logins. After scanning such QR codes, users were asked to authenticate with their QQ account. Once they did, the attackers stole the victims\u2019 credentials to then use them for their own gain. As a result, an unknown number of people were locked out of their QQ accounts.<\/p>\n<p>Tencent is aware of the issue and has since restored the affected accounts. The company is working with the local authorities to find out more about the attack.<\/p>\n<h2>Protect yourself<\/h2>\n<p>Although this case mainly affected greater China, the threat of malicious QR codes should not be underestimated \u2014 especially since QR codes have become so ubiquitous in recent years mainly thanks to covid. To be on the safe side, when scanning QR codes, use our Kaspersky QR Scanner (available for both <a href=\"https:\/\/www.kaspersky.com\/mobile-security?icid=gl_kdailyplacehold_acq_ona_smm__onl_b2c_kdaily_wpplaceholder_sm-team___kisa____da04049114cf37d2\" target=\"_blank\" rel=\"noopener nofollow\">Android<\/a> and <a href=\"https:\/\/app.appsflyer.com\/id948297363?pid=smm&amp;c=ww_kdailyplaceholder\" target=\"_blank\" rel=\"noopener nofollow\">iOS<\/a>). The app will tell you if the code points to a dangerous site.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"ksc-trial-generic\">\n","protected":false},"excerpt":{"rendered":"<p>How scammers hijacked QQ accounts in a phishing QR-code attack.<\/p>\n","protected":false},"author":2684,"featured_media":44768,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2683],"tags":[647,76,1557],"class_list":{"0":"post-44767","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-gamers","9":"tag-phishing","10":"tag-qr-codes"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/phishing-qr-code-attack-on-qq-users\/44767\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/phishing-qr-code-attack-on-qq-users\/24327\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/phishing-qr-code-attack-on-qq-users\/19794\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/phishing-qr-code-attack-on-qq-users\/9993\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/phishing-qr-code-attack-on-qq-users\/26690\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/phishing-qr-code-attack-on-qq-users\/24628\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/phishing-qr-code-attack-on-qq-users\/25002\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/phishing-qr-code-attack-on-qq-users\/27357\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/phishing-qr-code-attack-on-qq-users\/27011\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/phishing-qr-code-attack-on-qq-users\/33433\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/phishing-qr-code-attack-on-qq-users\/10825\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/phishing-qr-code-attack-on-qq-users\/19114\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/phishing-qr-code-attack-on-qq-users\/19666\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/phishing-qr-code-attack-on-qq-users\/32592\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/phishing-qr-code-attack-on-qq-users\/28350\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/phishing-qr-code-attack-on-qq-users\/25182\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/phishing-qr-code-attack-on-qq-users\/30691\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/phishing-qr-code-attack-on-qq-users\/30440\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/qr-codes\/","name":"QR codes"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/44767","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2684"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=44767"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/44767\/revisions"}],"predecessor-version":[{"id":44770,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/44767\/revisions\/44770"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/44768"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=44767"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=44767"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=44767"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}