Fortra’s latest research uncovers a new wave of executive phishing attacks leveraging QR codes, carried out by the Phishing-as-a-Service (PhaaS) group Tycoon2fa. This sophisticated campaign targets C-suite executives by embedding malicious QR codes in professional-looking PDF attachments that impersonate internal corporate communications. These QR codes bypass traditional email security and exploit vulnerabilities in mobile devices to harvest Microsoft 365 credentials.
Tycoon2fa’s approach highlights the evolution of phishing attacks from email-based threats to mobile-first vectors that evade enterprise defenses. The campaign’s use of hyper-personalized social engineering and mobile exploitation underscores the urgent need for organizations to strengthen executive-focused security strategies, including QR code recognition, mobile device management, and targeted phishing simulations.
Originally published in Cyber Technology Insights.
Excerpt: ”Enterprise security professionals need to realize that phishing is no longer simply an IT security issue; it is now a boardroom risk.”