A group of cybersecurity specialists has reported a 587 percent increase in ‘phishing’ attempts via QR code scanning, which can lead to pages to gain passwords to subsequently utilize for various objectives, such as data theft.
The QR code These codes are used in phishing schemes, also known as quishing, to spread a harmful link without the user’s knowledge. Thus, it is a strategy used in conjunction with social engineering to imitate businesses or governmental entities.
In this regard, a group of researchers from Check Point Research, a division of the cybersecurity systems supplier Check Point, has warned of the dangers of ‘quishing’ assaults, which increased 587% between August and September.
In reality, according to the ‘Mobile & Intelligent Connectivity’ research conducted by the communication group IAB Spain in 2021, more than 82.2 percent of users polled in Spain claimed that they have used QR codes at some point. When confronted with this, just 2% stated that they had no idea what these codes were.
That is, the bulk of Spanish population utilize QR codes and are thus vulnerable to a ‘quishing’ assault.
As the researchers note, although QR codes appear to be a “harmless” method at first look, they are a “excellent way to hide malicious intentions” since they are utilized by hackers to conceal a bogus link.
As researchers have demonstrated, one example of these assaults is the transmission of QR codes over email. In the researchers’ attack, a ’email’ is used as a decoy notifying the user that Microsoft’s multi-factor authentication (MFA) is about to expire and prompting the user to re-authenticate.
In this example, hostile actors inject a QR code into the email along with a bogus link to a credential gathering page. When the user scans the QR code, a website that seems identical to the real Microsoft credentials page appears, but it actually serves to steal credentials.
According to cybersecurity experts, creating a QR code is “very easy” because there are numerous free pages that generally produce it automatically. Cybercriminals can incorporate any harmful link this way. Similarly, in the sample displayed, while the topic shows that it is from Microsoft, the sender address is different.
How do you guard against ‘quishing’?
With all of this, experts have provided several suggestions for combating “quishing.” One of them is to put in place an email security system that employs optical character recognition (OCR) to detect all potential assaults.
Similarly, users can employ a system that employs artificial intelligence, machine learning, and natural language processing to decipher the meaning of communications and determine when ’email’ may “use phishing language.”
According to Eusebio Nieva, technical director of Check Point Software for Spain and Portugal, the approaches employed by researchers to uncover this form of assault are based on employing the QR code analyzer of its OCR engine.
Because the OCR engine turns the QR code picture to text, it is feasible to recognize the code and recover the URL without opening it. Following that, the URL is evaluated to determine whether it is an illicit website using NLP, which is capable of detecting suspicious language and designating it such as ‘phishing’.
“Cybercriminals are constantly trying new tactics and sometimes resurrecting old ones.” “Sometimes, they appropriate legitimate elements like QR codes,” Nieva explained, adding that the presence of a QR code in the body of an email message “is an indicator of an attack.”
*With thanks to Europa Press.