Perception Point unveiled new solution to address the escalating threat of QR code phishing, commonly referred to as “quishing”. With the recent influx in quishing campaigns, the need for a definitive solution has never been more pressing.
The re-emergence of QR codes during the COVID-19 pandemic, not only changed the way users interact with digital content but also provided cybercriminals with a novel avenue for evading detection. In 2023, quishing attacks surged dramatically, targeting and successfully breaching organizations of all sizes.
Leveraging the conditioned trust many have developed for QR codes, threat actors are launching email campaigns that ingeniously exploit human behavior and social engineering techniques, often impersonating trusted brands like Microsoft to lure targets into divulging their login credentials.
Within the past month, Perception Point successfully prevented quishing campaigns targeting over 25% of its diverse range of customers, encompassing small organizations with as few as 10 users to large enterprises with tens of thousands of employees. 90% of the thwarted attacks targeted users operating within Microsoft 365 email environments.
A key psychological element that drives the success of quishing attacks involves shifting the “playground” from a computer screen onto a mobile device. Once people hold their phones after scanning the QR code, they are primed for additional steps that pertain to their personal device.
Consequently, taking actions like going through MFA seem more natural, immediate and less likely to arouse suspicion. The deceptive simplicity of these attacks allows them to easily bypass most email security systems.
Unlike other email security vendors that often recommend employee training and the use of MFA as the primary defense against quishing, Perception Point is taking a proactive approach to stop malicious QR code campaigns at their source to prevent them from ever reaching the user’s inbox.
Perception Point’s Advanced Email Security now employs a unique image recognition model that identifies and scans the QR codes in near real-time, extracting links and following them to dynamically scan for phishing or malware delivery attempts.
Key features of Perception Point’s Quishing Prevention:
- Real-time image recognition: Identifies and extracts all QR codes from the email body, images, and file attachments (PDF, Office files, etc.).
- Anti-evasion algorithm: Dynamically follows and scans URLs embedded within the QR codes. Unpacks content into smaller units (files and URLs) to overcome evasion techniques and identify hidden malicious payloads.
- AI detection models: Including Two-Step Phishing, GenAI Decoder, Brand Spoofing Recognition, Domain Lookalike and URL Lexical Analysis and more.
- Anti-malware detection: Patented CPU-level technology that deterministically blocks attacks in seconds at the exploit phase pre-malware release/execution.
Peleg Cabra, Senior Product Marketing Manager at Perception Point, commented, “The threat landscape is constantly escalating, and with it, the tactics employed by threat actors. The rise of quishing is a testament to the ingenuity of cybercriminals, and requires cybersecurity vendors to stay ahead of the curve. The availability of our Advanced Email Security quishing prevention capabilities demonstrates our agility and commitment to safeguarding our customers against the most novel threats.”
This article first appeared in Help Net Security on September 7, 2023.