Attackers are embedding malicious QR codes in invoice PDFs and printed letters.

Multi-factor authentication bypass is the stated goal.