THE 2024 STATE OF PHISHING REPORT IS PUBLISHED! READ THE REPORT HERE

Solutions
Solutions
By Channel

Read the company overview to learn more about how Perception Point provides unparalleled prevention of advanced cyber threats across all attack vectors.

Email
Email

Advanced Email Security

Internal Emails

Outbound Email Security

Security Awareness Training

Download this complimentary Gartner report.

Web Browser
Web Browser

Risky Access

Sensitive Access

Download the Advanced Browser Security solution paper.

Cloud Collaboration
Cloud Collaboration

Cloud Collaboration Apps

Business Communication

Cloud Storage

Read the brochure to learn more about Advanced Cloud Collaboration Security.

Web Apps & File Uploads

Check out the solution paper on Advanced Threat Protection for Web Apps.

By Platform
By Platform

Microsoft 365

Google Workspace

Salesforce

AWS S3

Zendesk

Read this case study to see how we helped a high-tech enterprise secure 3 collaboration channels: MS Teams, OneDrive, and SharePoint.

By Attack Type
By Attack Type

Phishing Prevention

Quishing Prevention

BEC Prevention

Account Takeover Prevention

Malware Detection

Zero-days & N-days Detection

Read the company overview to learn more about how Perception point provides unparalleled prevention of all attacks across email, web browsers and cloud collaboration apps.

Detection Technology
Detection Technology

AI Threat Prevention

HAP – Next-Gen Sandbox

Anti-Evasion Technology

Read the company overview to learn more about how Perception point provides unparalleled prevention of all attacks across email, web browsers and cloud collaboration apps.
Services
Services
Incident Response

The X-RAY

Reporting

End User Reporting

More Services
Learn more about Perception Point’s Managed Service.
Partners
Partners
Partnerships
Partnerships

Channel Partners

MSP/MSSP Partners

Technology and Alliance Partners
Technology and Alliance Partners

Microsoft

AWS

Salesforce

SentinelOne

Crowdstrike
Learn more about the Perception Point Partner Program. Protect your customers from all threats across top attack vectors with one platform.
Resources
Resources
Guides
Guides

BEC

Browser Security

BYOD

Cloud Storage Security

Cybersecurity

Email Security

Endpoint Security

Incident Response

Malware

Phishing

Ransomware

Zero Trust

Blog

Keep up with Perception Point’s updates and new offerings on our blog, here.

Case Studies

Learn how Red Bull augmented Microsoft EOP to prevent attacks in the case study, here.

Datasheets

Access the datasheet to learn about the use cases, technical specifications, and the key features of our Security Browser Extension

White Papers

Download this whitepaper to learn how today’s digital-first enterprises can protect themselves against advanced threats.

Reports

Download the 2023 Gartner Market Guide for Email Security.

Webinars

Check out our webinar in cooperation with Forrester — “Rethinking Email Security: Why Traditional Approaches Fail and Why You Can’t Afford to Ignore it”

eBooks

Download this ebook to get a thorough overview of the most current email security challenges and how to mitigate them through best practices.

Brochures

Reach this brochure to learn how Advanced Email Security combines cutting edge threat prevention with the speed, scale and flexibility of the cloud.

ROI Calculator

Use this calculator to assess the potential benefit of deploying Perception Point with just 3 variables. We will do the rest for you.

Checklist

Are you managing a remote team? Download this IT Checklist to make sure you’re organization is secure.
Company
Company
About Us

News

Press

Events

Careers
Read the company overview to learn how Perception Point provides unparalleled prevention of all attacks across email, web browsers and cloud collaboration apps.

Perception Point » Blog » Attack Trends » QR Code Phishing (Quishing) Attacks Have More Than Quadrupled In Just One Month

October 23, 2023

QR Code Phishing (Quishing) Attacks Have More Than Quadrupled In Just One Month

Perception Point Researchers Report Quishing (QR Code Phishing) Attacks Increased by 427% in September 2023.

Perception Point Marketing

In the past few months we have witnessed a rapid increase in the number of quishing attacks targeting organizations of all sizes, worldwide. Quishing, or QR code phishing, is a somewhat recent derivative of phishing attacks, leveraging the prevalence and inherent trust of QR codes in modern life. The extensive use of QR codes across various domains has made them an attractive vector for cybercriminals.

state of phishing demo cta

Through quishing, attackers have managed to bypass most email security vendors, compounding the new tactic with deceptive social engineering. What makes the use of QR codes in emails difficult to detect is that the content and intent of QR codes are not immediately apparent. When coupled with convincing language, impersonation of trusted entities, and a sense of urgency to manipulate users, quishing can be even more difficult to detect and nearly impossible for users to avoid.

From August to September, Perception Point detected a steep 427% increase in the use of malicious QR codes – quishing attacks.

In August, malicious QR codes comprised 1.8% of all QR codes scanned. By September, that number jumped to 9.5%.

In addition, the percentage of quishing attacks out of all malicious incidents climbed from 0.4% in August to 8.8% in September. October has seen a continuation of this trend as quishing incidents steadily climb.

Distribution of Attacks by Type in August 2023

Distribution of Attacks by Type in August 2023

The reported numbers are derived from the attacks that Perception Point has prevented at protected customers. Because many email security vendors cannot detect these attacks, the threat actors have scaled these campaigns, and many end users are falling victim to the scam.

state of phishing demo cta

How to Prevent Quishing

Attackers will no doubt continue to exploit quishing as a preferred method to deliver malicious payloads. Quishing has emerged as a unique threat that requires its own solution.

Perception Point has developed a unique approach to preventing quishing attacks that goes beyond just mitigation and education. Perception Point leverages a unique combination of detection technology to detect and prevent quishing attacks from ever reaching the inbox of the user.

Key Features of Perception Point’s Quishing Prevention:

Real-time Image Recognition: Identifies and extracts all QR codes from the email body and Office file attachments.
Anti-Evasion Algorithm: Dynamically follows and scans URLs embedded within the QR codes. Unpacks content into smaller units (files and URLs) to overcome evasion techniques and identify hidden malicious payloads.
AI Detection Models: Including Two-Step Phishing, GenAI Decoder™, Brand Spoofing Recognition, Domain Lookalike and URL Lexical Analysis and more.
Robust Anti-Malware Detection: Patented CPU-level technology that deterministically blocks attacks in seconds at the exploit phase pre-malware release/execution.

Perception Point stands at the vanguard, prioritizing proactive prevention and harnessing advanced technology to protect organizations’ modern workspaces from the concealed threats posed by QR codes.

For more information about quishing, read our guide here or contact us.

state of phishing demo cta

Don't miss out on any industry updates.

Sign up for our newsletter!

TALK TO SALES

Ready to Try
Perception Point?

Learn More

Beyond Add-Ons: Elevating Browser Governance Against Malicious and Risky Extensions

Nespress-Oh No! Phishing Attack Exploits Nespresso Open Redirect Vulnerability

This blog post delves into how a Nespresso domain is being misused to redirect victims, urging urgent actions leading to the theft of Microsoft credentials.

Professionally Hooked: Microsoft Two-Step Phishing Campaign Targets LinkedIn Users

This blog highlights a new LinkedIn threat, one that combines breached accounts and an evasive 2-step phishing attack.

Behind the Attack: Evasive HTML Spear Phishing

In this blog we investigate how an attacker uses HTML to conduct a spear phishing campaign and evade detection.

Evolving Email Security with Embedding Space and AI-powered Subject Analyzer

Perception Point has developed “Subject Analyzer,” an NLP model that classifies email subjects to maximize detection of threats and spam.

Operation PhantomBlu: New and Evasive Method Delivers NetSupport RAT

A malware campaign employs new TTPs and behaviors to evade detection and deploy NetSupport RAT.