Scammers exploit LA wildfires with QR code phishing

In the wake of the Los Angeles wildfires, Check Point researchers have discovered an alarming trend involving scammers exploiting community generosity through QR code phishing schemes.

The recent wildfires in Los Angeles have wreaked havoc, resulting in 24 fatalities, the destruction of 12,000 structures, and the evacuation of 88,000 residents. Amidst this crisis, there is a significant power outage affecting over 75,000 households in Los Angeles County alone. While communities work to support those affected, malicious parties are leveraging these events for fraudulent gain.

Check Point researchers report a surge in phishing schemes where scammers utilise QR codes embedded in emails to mislead donors. These codes often direct users to fake donation pages, aiming to extract personal and financial information under the guise of charitable solicitations.

"As communities come together to support those affected by the devastating wildfires in Los Angeles, scammers are taking advantage of this generosity," Check Point stated in their blog. "This isn't a direct cyberattack but a deceptive scheme designed to exploit emotions and urgency during a crisis."

Key findings from Check Point's latest research highlight the increase in QR code usage in phishing scams. Notably, 88% of all malicious files are delivered via email, positioning phishing as a primary attack method. Disasters like the Los Angeles wildfires tend to exacerbate these trends, with a marked rise in scams mimicking charity or government agencies' communications.

AI-driven phishing scams complicate the issue further, boasting a success rate 40% higher than other methods by facilitating more convincing counterfeit donation campaigns. The convenience and growing reliance on QR codes in legitimate transactions make them a potent tool for scammers, who capitalize on the trust users place in these codes.

According to Check Point, roughly 80 recipients have already fallen victim to these cyber tactics, with initial emails functioning as vehicles for credential theft. These phishing emails appear to originate from genuine sources and are designed to capture Microsoft account login details.

The Los Angeles wildfires underscore the emotional manipulation inherent in these scams. Scammers harness the urgency and emotional impact of the crisis to prompt hasty, uncritical donations, exploiting the inherent trust many place in QR codes, especially when scanned via mobile devices, which often lack robust security defences.

To mitigate these threats, organizations are encouraged to educate their staff on identifying suspicious emails, especially those involving QR codes. Check Point recommends implementing advanced email security solutions capable of intercepting phishing attempts, such as their Harmony Email & Collaboration service. Furthermore, deploying Mobile Device Management systems to secure employees' devices can help reduce the risk of QR code phishing attacks.

Check Point advocates for the creation and maintenance of an incident response plan to swiftly address and mitigate phishing attacks' impacts, ensuring preparedness for such incidents.

The severity of the Los Angeles wildfires serves as a stark reminder of the necessity for vigilance when donating to disaster relief efforts. Check Point emphasises verifying the authenticity of donation requests and recommends contributing through well-established organizations to prevent exploitation.

"The Los Angeles wildfires remind us of the importance of community and mutual support during challenging times," concludes Check Point. "Yet, scams like these highlight the need to be informed and cautious when contributing to relief efforts."