Online shopping is now an established part of daily life: we get food, clothes and other goods delivered to our door in a couple of clicks. Online shopaholics, of which there are many, are may sometimes forget about a parcel or miss a call from the courier. Unsurprisingly, this is exploited by attackers who use fake delivery notifications as bait.
One example of this is cybercriminals pretending to be the international express courier service, DHL. However, instead of the usual phishing link, it’s a QR code that’s contained in the e-mail received that kicks off this kind of swindle. How and why is the topic of this post.