New feature release: protection against QR code phishing

New feature: protection against QR code phishing

In 2023, our team observed a shift in phishing techniques, with attackers increasingly using QR codes to conceal malicious links. In response to this, we have enhanced our URL extraction feature by integrating QR code analysis capabilities.

This change was released to all our customers in November 2023 and provides anti phishing protection by empowering them to identify and stop phishing attacks that use QR codes in emails. Looking at some statistics from our SaaS customers over the last 30 days, we can already highlight the following:
  • 0.4% of attacks so far use QR code phishing.
  • 5.4% of QR codes are potentially malicious (around one in 18).

"In the second half of 2023, we observed a sharp rise in the number of phishing attacks using QR codes. These would not be detected by traditional methods of URL detection. We reacted quickly to this growing threat by introducing QR code analysis into the xorlab Security Platform." - Andrew Graham, Software Engineer at xorlab AG


Killing two birds with one stone

While evaluating the 3rd party component for extracting QR codes, we learned about two vulnerabilities in the open source project Zbar barcode reader, which have been reported but not yet fixed. In order to ensure a secure component in our product feature, we decided to work on two patches to fix the vulnerabilities and contribute to an even more secure solution. The patches have now been integrated into the main project and no further exploits are expected. The project can be found on Github, and the two vulnerabilities are reported to NIST here and here.

Is your organization’s email secure? Get free risk assessment for your business.

Get free email risk assessment


Similar posts

Get curated and relevant updates once per month

Once per month, we’re sharing the latest security insights from our team in a curated, 5-minutes-to-read email newsletter. We strive to inform you with fresh, relevant, and objective updates on what’s happening around you.