New research claims most QR code emails are spamQR codes can easily bypass anti-spam filters, Cisco Talos warns‘Quishing’ attacks are becoming more common
The dangers of clicking an unknown or suspicious link should have been drilled into most of us by now, but many don’t realize scanning a malicious QR code from an unknown source could be just as damaging.
Despite QR codes steadily gaining popularity over the last few years, research from Cisco Talos has claimed many people still don’t consider the threats they could pose.
A driving factor to this is the fact that anti-spam filters aren’t designed to recognize that a QR code is present in an image, so they overwhelmingly evade detection – with the team saying that although only 1 in every 500 emails contains a QR code, a staggering 60% of those are spam.
‘Quishing’ threats
QR code phishing, or ‘Quishing’ is becoming an increasingly common threat, and often imitate real sites to trick victims into entering personal and payment information. Fraudsters were observed placing QR stickers on parking meters, for example, to trick victims into entering their payment details into fake parking apps.
Talos particularly warned on malicious QR code emails, which sent fake multi-factor authentication requests, used to steal user credentials.
QR codes in emails only make up a fraction of emails worldwide (between 0.1 %and 0.2%), but Talos found these messages disproportionately bypass anti-spam filters, so users see them in their inboxes much more often than you’d expect.
Malicious URLs can be ‘defanged’ by changing the protocol from ‘http’ to ‘hxxp’, or adding brackets around one of the dots in the URL – this means browsers don’t render the link as an active URL, and ensures users don’t inadvertently follow the link. This is less common with QR codes.
It can be done though, either by obscuring the data modules or by removing one or more of the position detection patterns (one of the large squares in the corner of the QR code). This makes the QR codes safe for consumption.
Users should exercise just as much caution with QR codes as they do suspicious links, Talos suggests. For those who may need to use QR’s regularly, there are QC decoders available online which will take screenshots of the code and allow you to closely inspect the link.
You might also like
Take a look at our pick of the best antivirus software around‘Scam Yourself’ attacks have fooled millions — here’s how not to fall victimCheck out our choices for best malware removal software