Checking QR codes in emails
#1
Bug 
Quote:We’ve added technology that checks QR codes in emails for phishing links.
 
In an attempt to bypass security solutions, attackers are increasingly hiding phishing and other malicious links inside QR codes. It’s for this reason that we’ve added a technology to Kaspersky Secure Mail Gateway that reads QR codes (including ones hidden inside PDF files), extracts links and checks them before they land in an employee’s inbox. We explain how it works.

[Image: QR-phishing-protection-technology-1-pdf-inside.jpg]Example of a phishing QR code inside a PDF file

Why do attackers use QR codes?

Ever since even basic security tools learned to check phishing links effectively enough, attackers have been inventing ways to hide them from scanners. The most commonly employed trick is to post links on third-party services; that way, victims don’t receive an email directly from the attackers, but a notification from some legitimate site where a document with a malicious link is already placed. While such ploys work well on home users, with company employees the success rate is far lower. That’s because any self-respecting organization these days has equipped all its work computers with security software that catches redirects to phishing sites.

Therefore, attackers have turned their attention to QR codes. First, this technology obligingly transforms regular URLs into something incomprehensible to standard systems that check links for malicious intent. Second, QR codes are common enough for people to scan them without a second thought. And third and most important, people overwhelmingly scan QR codes with a phone or tablet that may not have a security solution with anti-phishing technology – especially if it’s a personal, not work, device.

Continue Reading...
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Apple Releases iOS 26.5.2 With 29 Securi...
Apple Releases iOS...harlan4096 — 07:34
WinRAR 7.23
WinRAR 7.23 (stabl...harlan4096 — 07:33
AMD puts 32GB LPDDR5X on-package memory ...
AMD Versal Premium...harlan4096 — 07:32
ToddyCat: your hidden email assistant. P...
Introduction We...harlan4096 — 07:30
Microsoft Extends Windows Server 2022 Ho...
Microsoft has exte...harlan4096 — 07:28

[-]
Birthdays
Today's Birthdays
avatar (43)uapedDow
avatar (47)suiscced
avatar (48)Angarpaf
avatar (41)clarissalo60
Upcoming Birthdays
avatar (47)dapedDow
avatar (49)TromPerl
avatar (46)RidgeDimb
avatar (37)ipumaqar
avatar (51)tanliorsPeri
avatar (43)lapedDow
avatar (49)rituabew
avatar (37)omyjul
avatar (41)papedDow
avatar (50)ArnoldFum
avatar (38)yfaza
avatar (49)Kevensi
avatar (48)ConradRoand
avatar (39)boineDon
avatar (51)spoofTum
avatar (50)WillieVot
avatar (40)Grompelbawn
avatar (41)vkseogaF
avatar (37)usogy
avatar (41)optsaZes
avatar (40)RaymondViata
avatar (40)ywixazok
avatar (38)ixoqe
avatar (56)Step 1
avatar (36)pa.OpenTran

[-]
Online Staff
harlan4096's profile harlan4096
Administrator

>