New QR Code Phishing Scams Target US Residents with Fake Traffic Violations

Severity: Medium (Score: 59.2)

Sources: Ground.News, Technadu, Scworld, Bleepingcomputer

Summary

A new phishing campaign is targeting residents across multiple U.S. states with fraudulent 'Notice of Default' traffic violation text messages. These messages impersonate state courts and pressure recipients to scan a QR code that leads to a phishing site, demanding a $6.99 payment while stealing personal and financial information. The campaign has affected states including New York, California, North Carolina, Illinois, Virginia, Texas, Connecticut, and New Jersey. Unlike previous scams that used direct links, this variation incorporates images of fake court notices with embedded QR codes. After scanning the QR code, victims are redirected to an intermediary site that requires CAPTCHA validation to evade automated detection, before being sent to a phishing site impersonating state agencies like the DMV. The stolen data can be used for identity theft, financial fraud, and further phishing attacks. State agencies have reiterated that they do not solicit personal information via text messages. Key Points: • Scammers are using QR codes in text messages to impersonate state courts and demand payments. • The phishing scheme targets multiple U.S. states, including New York and California. • Victims are led through a CAPTCHA to avoid detection before being redirected to fraudulent sites.

Key Entities

• Phishing (attack_type)
• Criminal Court Of The City Of New York (company)
• ny.gov (domain)
• T1041 - Exfiltration Over C2 Channel (mitre_attack)
• T1566.002 - Spearphishing Link (mitre_attack)
• T1566 - Phishing (mitre_attack)