- New research claims that most emails with QR codes are spam
- QR Codes Can Easily Bypass Anti-Spam Filters, Cisco Talos Warns
- Quishing attacks are becoming more common
The dangers of clicking on an unknown or suspicious link should have been understood by most of us by now, but many don't realize that scanning a malicious QR code from an unknown source could be just as harmful.
Even though QR codes have been gaining popularity in recent years, research from Cisco Talos has stated that many people still do not consider the threats they could pose.
A driving factor for this is the fact that anti-spam filters are not designed to recognize that a QR code is present in an image, so they overwhelmingly evade detection; The team says that although only 1 in 500 emails contains a QR code, a staggering 60% of them are spam.
Quishing threats
QR code phishing, or 'Quishing', is becoming an increasingly common threat and often mimics real sites to trick victims into entering personal and payment information. Fraudsters were observed placing QR stickers on parking meters, for example, to trick victims into entering their payment details into fake parking apps.
Talos particularly warned about emails with malicious QR codes, which sent fake multi-factor authentication requests, used to steal user credentials.
QR codes in emails only represent a fraction of emails worldwide (between 0.1% and 0.2%), but Talos found that these messages disproportionately bypass anti-spam filters, so that users see them in their inboxes much more frequently than one would expect.
Malicious URLs can be “disarmed” by changing the protocol from 'http' to 'hxxp', or by adding square brackets around one of the URL dots; This means that browsers do not display the link as an active URL and ensures that users do not inadvertently follow the link. This is less common with QR codes.
However, it can be done by darkening the data modules or removing one or more position detection patterns (one of the large squares in the corner of the QR code). This makes QR codes safe for consumption.
Users should be just as cautious with QR codes as they are with suspicious links, Talos suggests. For those who need to use QR regularly, there are quality control decoders available online that will take screenshots of the code and allow you to closely inspect the link.