QR code phishing, or quishing, is a growing threat that exploits the popularity of QR codes and the trust users place in them to trick people into visiting malicious websites or downloading malware. Perception Point, a leading provider of advanced threat prevention across digital communication channels, has developed a novel solution to combat quishing using image recognition technology.
What is quishing and why is it dangerous?
Quishing is a form of phishing that uses QR codes to embed malicious URLs in email messages. The emails often impersonate well-known and trusted brands, such as Microsoft, and urge users to scan the QR code with their mobile devices to update or review their security settings. Once users scan the QR code, they are redirected to a fake website that mimics the legitimate one and asks them to enter their login credentials or download a malicious file.
Quishing is dangerous because it exploits the conditioned trust many users have developed for QR codes, especially during the COVID-19 pandemic, when QR codes became widely used for contactless payments, menus, and check-ins. Quishing also leverages the psychological effect of shifting the user’s attention from a computer screen to a mobile device, where they are more likely to follow the instructions without suspicion. Moreover, quishing can easily bypass most email security systems, as QR codes are not detected as links by traditional scanners.
How Perception Point’s solution works
Perception Point has unveiled its first-of-its-kind solution to address the escalating threat of quishing. The solution is based on a unique image recognition model that identifies and scans the QR codes in near real-time, extracting links and following them to dynamically scan for phishing or malware delivery attempts.
The solution has several key features that make it effective and efficient:
- Real-time image recognition: The solution identifies and extracts all QR codes from the email body, images, and file attachments (PDF, Office files, etc.).
- Anti-evasion algorithm: The solution dynamically follows and scans URLs embedded within the QR codes, unpacking content into smaller units (files and URLs) to overcome evasion techniques and identify hidden malicious payloads.
- AI detection models: The solution uses various AI detection models, such as two-step phishing, GenAI Decoder, brand spoofing recognition, domain lookalike, and URL lexical analysis, to identify and block phishing attempts.
- Anti-malware detection: The solution uses patented CPU-level technology that deterministically blocks attacks in seconds at the exploit phase, before malware is released or executed.
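The gap described above, where a link scanner sees no URL while the message still carries image and document parts that need QR decoding, can be shown with a short triage routine. This is an added example, not Perception Point's code: the addresses, file names and payload bytes are constructed, and decoding the QR image itself is left to whichever decoder the reader uses.

```python
import re
from email.message import EmailMessage

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
# MIME types that can carry a QR code as pixels rather than as text.
QR_CARRIER_TYPES = ("image/", "application/pdf", "application/msword",
                    "application/vnd.ms-",
                    "application/vnd.openxmlformats-officedocument")

def text_urls(msg):
    """URLs a text-only link scanner would see (text/plain and text/html)."""
    urls = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            urls += URL_RE.findall(part.get_content())
    return urls

def qr_candidates(msg):
    """(name, content type, raw bytes) for each part to hand to a QR decoder."""
    found = []
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype.startswith(QR_CARRIER_TYPES):
            name = part.get_filename() or str(part.get("Content-ID", "inline"))
            found.append((name, ctype, part.get_payload(decode=True)))
    return found

def triage(msg):
    """Summarise what a link scanner sees versus what needs image scanning."""
    urls, carriers = text_urls(msg), qr_candidates(msg)
    return {"text_urls": urls,
            "carriers": [(n, t, len(b)) for n, t, b in carriers],
            "needs_image_scan": bool(carriers),
            "invisible_to_link_scanner": bool(carriers) and not urls}

def build_sample():
    """Constructed lure: no clickable link, one inline image, one PDF."""
    msg = EmailMessage()
    msg["Subject"] = "Action required: review your security settings"
    msg["From"] = "it-support@example.com"
    msg["To"] = "user@example.org"
    msg.set_content("Scan the QR code with your phone to review your settings.")
    msg.add_alternative('<p>Scan the code below.</p><img src="cid:qr1">',
                        subtype="html")
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32  # placeholder bytes, not a real QR
    msg.get_payload()[1].add_related(png, "image", "png", cid="<qr1>")
    msg.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                       subtype="pdf", filename="notice.pdf")
    return msg

if __name__ == "__main__":
    print(triage(build_sample()))
```

A message flagged `invisible_to_link_scanner` is the case where URL-based filtering alone has nothing to inspect, so every carrier part has to be rendered and decoded before a verdict is possible.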
How Perception Point’s solution helps customers
Perception Point’s solution helps customers of all sizes and industries protect themselves from quishing attacks. Within the past month, Perception Point successfully prevented quishing campaigns targeting over 25% of its diverse range of customers, from small organizations with as few as 10 users to large enterprises with tens of thousands of employees. 90% of the thwarted attacks targeted users operating within Microsoft 365 email environments.
Perception Point’s solution is different from other email security vendors that often recommend employee training and the use of multi-factor authentication (MFA) as the primary defense against quishing. While these measures are important, they are not enough to stop sophisticated quishing attacks that can easily fool users and evade detection. Perception Point’s solution takes a proactive approach to stop malicious QR code campaigns at their source to prevent them from ever reaching the user’s inbox.