Table of contents

    New feature release: protection against QR code phishing

    In 2023, our team observed a shift in phishing techniques, with attackers increasingly using QR codes to conceal malicious links. In response to this, we have enhanced our URL extraction feature by integrating QR code analysis capabilities.

    New feature: protection against QR code phishing


    This change was released to all our customers in November 2023 and provides anti phishing protection by empowering them to identify and stop phishing attacks that use QR codes in emails, so called quishing. Looking at some statistics from our SaaS customers over the last 30 days, we can already highlight the following:
     
    • 0.4% of attacks so far use QR code phishing.
    • 5.4% of QR codes are potentially malicious (around one in 18).

    "In the second half of 2023, we observed a sharp rise in the number of phishing attacks using QR codes. These would not be detected by traditional methods of URL detection. We reacted quickly to this growing threat by introducing QR code analysis into the xorlab Security Platform." - Andrew Graham, Software Engineer at xorlab AG

     

    Killing two birds with one stone

    While evaluating the 3rd party component for extracting QR codes, we learned about two vulnerabilities in the open source project Zbar barcode reader, which have been reported but not yet fixed. In order to ensure a secure component in our product feature, we decided to work on two patches to fix the vulnerabilities and contribute to an even more secure solution. The patches have now been integrated into the main project. The project can be found on Github, and the two vulnerabilities are reported to NIST here and here.
     
     
     

    Is your organization’s email secure? Get an attack simulation for your business.

    Get an attack simulation