Home » Safeguarding Against Quishing: Strategies for Enhanced Cybersecurity
By Cian Fitzpatrick | 16th April 2024
QR code phishing, also known as “quishing,” has become an increasingly sophisticated tool in phishing arsenals over recent years. The technology for QR codes has been around for years. In fact, QR codes were invented by a Japanese company in 1994. But they hadn’t been popular for a while, in many ways being seen as clunky and archaic technology. Then the pandemic hit us. And suddenly QR codes came back into the spotlight in a big way.
With this newfound popularity has also come malicious intent.
Since 2019, the rise of quishing/QR code phishing scams has increased at an alarming rate. This method involves duping targeted victims into scanning malicious QR codes, which then leads them to fake sites that steal personal and financial details. In fact, a 2023 report noted a 51% increase in quishing.
Two years ago, the FBI ran a public announcement campaign to warn people about cybercriminals using QR codes to drive traffic to bad actor websites.
Quishing and Topsec Cloud Solutions
Since 2022, this strategy and tactic has become even more prevalent.
Phishing emails, where QR codes are used to circumvent standard email protections, are especially rampant right now.
In our own organisation, Topsec Cloud Solutions, has the following statistics to share the week of writing this blog post of Bitdefender QR code detections:
14,423 messages with QR codes.
830 did not have a URL extracted from them. (Most likely because they didn’t have URLS.)
299 messages got a spam verdict.
212 of these were spam based on an image or attachment.
As always, a combination of technology and human awareness is essential for your business to bolster your cybersecurity measures.
QR code phishing exploits human error to access sensitive data or infiltrate networks.
The method takes advantage of the widespread use of smartphones capable of scanning QR codes, targeting a broad audience. The omnipresence of QR codes in daily life, think about products, promotional materials, event tickets and menus, complicates the ability to distinguish between safe and hazardous codes, raising the risk of phishing attacks.
These phishing methods challenge traditional email security by evading detection.
Conventional email defences often miss these threats because QR codes effectively hide the malicious URLs behind them. This loophole increases the likelihood of successful phishing attacks, which could lead to significant data breaches.
Organisations can adopt several strategies to mitigate risks associated with QR code phishing:
Organisations must stay vigilant against QR code phishing tactics that threaten email security.
Topsec Cloud Solutions can help your organisation do this. By employing robust defences and educating employees, businesses can effectively counteract these cyber threats, protect their critical information, and maintain trust with their stakeholders.
Contact us today to discuss your team’s email security needs. We’d be delighted to help you.
Sign up to get regular updates about email security
You have successfully subscribed to the newsletter
There was an error while trying to send your request. Please try again.