Perception Point has released a cybersecurity solution to combat the rising threat of QR code “quishing” campaigns using image recognition, the company said.
In a quishing operation, threat actors trick victims into scanning a QR code using a mobile device. The QR code then directs them to a bogus website that downloads malware or requests sensitive information. Quishers frequently impersonate popular brands to trick victims into revealing their login credentials.
Once people hold their phones after scanning the QR code, they are lured into taking additional steps on their personal device such as multi-factor authentication (MFA) that may seem more natural, immediate and less likely to arouse suspicion, Perception said.
Ultimately, the hackers try to capitalize on that anti-phishing protection may be weaker on a user’s mobile phone than a desktop or laptop computer.
Squishing Quishing
The Israel-based company hailed its new service as the first-of-its-kind to address quishing attacks. Its Advanced Email Security platform employs an image recognition model that identifies and scans the QR codes in near real-time, extracting links and following them to scan for phishing or malware delivery attempts.
Perception said that in the last mont, it had successfully prevented quishing campaigns targeting over 25% of its diverse range of customers, spanning small organizations with as few as 10 users to large enterprises. Some 90% of the rebuffed attacks targeted users operating within Microsoft 365 email environments.
Commenting on the innovation, Peleg Cabra, senior product marketing manager at Perception Point, said:
“The threat landscape is constantly escalating, and with it, the tactics employed by threat actors. The rise of quishing is a testament to the ingenuity of cybercriminals, and requires cybersecurity vendors to stay ahead of the curve. The availability of our Advanced Email Security quishing prevention capabilities demonstrates our agility and commitment to safeguarding our customers against the most novel threats.”
How Perception Point Prevents Quishing
Key features of the quishing prevention solution: (per Perception Point)
- Real-time image recognition identifies and extracts all QR codes from the email body, images, and file attachments (PDF, Office files, etc.).
- An anti-evasion algorithm dynamically follows and scans URLs embedded within the QR codes. It then unpacks content into smaller units (files and URLs) to overcome evasion techniques and identify hidden malicious payloads.
- AI detection models include two-step phishing, GenAI decoder, brand spoofing recognition, domain lookalike and URL lexical analysis and more.
- Anti-malware detection delivers patented CPU-level technology that blocks attacks in seconds at the exploit phase pre-malware release/execution.
This article first appeared in MSSP Alert, written by D. Howard Kass on September 8, 2023.
