One of KnowBe4's long-term employees just send me a picture this morning of a postcard that sure looks like it's phishing, the good old-fashioned way: snail mail ! Here is the picture and you tell me what all the red flags are!
The domain does not work of course. The email seems to have disappeared into the bitbucket was answered.. For many obvious reasons i have not tried the QR code since I do not have a bulletproof sandbox installed on my smartphone where I can detonate malware. :-D
Here is a screenshot of the answer. So, best guess? Money Mule recruiting? Fake review stuffing? Advance fee scam of some sort? Take your pick!
UPDATE! More from Angela received May 29.
By the way, and this actually is coincidence, we are happy to announce the launch of a new FREE TOOL: QR Code Phishing Security Test (QR Code PST). The QR Code Phishing Security Test—QR Code PST—is a new IT security tool that allows you to identify users within your organization who might fall victim to QR code phishing attacks. With the QR Code PST, you send an email with a QR code to track how many users scan it with their phone.
Here’s How the QR Code Phishing Security Test works:
- Immediately start your test for up to 100 users (no need to talk to a person)
- Select from 35 languages and choose one of 3 templates
- Choose from a “red flags missed” or a “404 error” landing page
- Get a PDF emailed to you in 24 hours with your Phish-prone Percentage
Here is the landing page where you can try it: https://www.knowbe4.com/qr-
SUPPORT DOCS https://support.knowbe4.com/
This should be fun to try !