In a surprising twist, hackers have turned to traditional snail mail to distribute malware in Switzerland. The Swiss National Cyber Security Centre (NCSC) recently issued a warning about a series of phishing attacks involving physical letters sent through the postal service. The fraudulent letters appear to come from MeteoSwiss, the Swiss Federal Office of Meteorology and Climatology.
The letters contain QR codes that direct recipients to download a fake weather warning app. When scanned, the QR codes actually download malware known as Coper or Octo2, which is designed to steal sensitive information from apps already installed on a device, primarily targeting banking applications. Experts note that this novel attack method exploits people’s inherent trust in physical mail.
“Delivering QR code letters physically via Switzerland’s postal service is an effective way for criminals to catch unsuspecting victims,” said Mike Britton, Chief Information Officer at Abnormal Security. He pointed out that people lack the same level of suspicion for physical mail as they do for digital phishing attempts.
Malware spreads through physical mail
Chris Fuller, Senior Director of Technical Operations at Obsidian Security, warned that cybercriminals are continually evolving their methods to bypass traditional security measures. “Sending scam QR codes via physical post is a novel and concerning approach, exploiting people’s growing familiarity with QR codes in daily life,” he said. Javvad Malik, Lead Security Awareness Advocate at KnowBe4, emphasized the importance of maintaining skepticism about QR codes, regardless of their source.
Malik noted that most people do not associate paper mail with cyber threats, making them more likely to fall for such scams. Currently, these attacks are limited to Android users in Switzerland. The NCSC advises anyone who receives such a letter and downloads the app to reset their device to factory settings to remove the malware.
Experts recommend that individuals remain cautious about scanning QR codes and only download apps from official app stores. Organizations are urged to prioritize user education about emerging phishing methods and adopt multi-layered defense strategies to combat these sophisticated attacks. As these attacks gain traction, it is crucial for people worldwide to stay vigilant and follow best practices in cybersecurity to protect themselves from evolving threats like this one.