According to statistics from cloud service information security company ANY.RUN, in 2023, hackers will use the three most popular phishing tools: QR codes, CAPTCHAs, and Steganography.

One of the new phishing techniques used by hackers is Quishing (a combination of QR code and phishing), which involves hiding malicious links in QR codes.

This method allows hackers to avoid detection by traditional anti-spam filters, which typically target text messages. Many current security tools still cannot decode the contents of QR codes, making this tool particularly effective against cybercriminals.

Request to complete a CAPTCHA code on a hacker's phishing website.

Phishing attacks are also increasingly using CAPTCHAs, a popular website security tool. Using the Random Domain Generation Algorithm (RDGA), cybercriminals have created hundreds of different domains that serve as the basis for using CAPTCHAs to disguise authentication forms on fake websites.

In addition, hackers are also cleverly using Steganography - a method of embedding malicious code that allows hiding data in many different file formats.

Malicious code can be hidden in document logos.

Specifically, an email impersonating a Colombian government organization contained a link to a file on Dropbox. It was a hidden script that, when activated, would extract an image containing malicious code and infect the victim's system.

With the rise of phishing attacks and new fraud techniques emerging, Internet users and organizations need to be more vigilant and proactive in educating themselves about potential threats.