1. Forum
  2. tqwNet
  3. TQW GENTECH

  • The majority of QR codes are spam, new survey claims

    From TechnologyDaily@1337:1/100 to All on Thursday, November 21, 2024 17:15:06
    The majority of QR codes are spam, new survey claims

    Date:
    Thu, 21 Nov 2024 17:02:00 +0000

    Description:
    Cisco Talos research details how QR codes are increasingly being used by cybercriminals.

    FULL STORY ======================================================================New research claims most QR code emails are spam QR codes can easily bypass anti-spam filters, Cisco Talos warns 'Quishing' attacks are becoming more common

    The dangers of clicking an unknown or suspicious link should have been
    drilled into most of us by now, but many dont realize scanning a malicious QR code from an unknown source could be just as damaging.

    Despite QR codes steadily gaining popularity over the last few years,
    research from Cisco Talos has claimed many people still dont consider the threats they could pose.

    A driving factor to this is the fact that anti-spam filters arent designed to recognize that a QR code is present in an image, so they overwhelmingly evade detection - with the team saying that although only 1 in every 500 emails contains a QR code, a staggering 60% of those are spam. 'Quishing' threats

    QR code phishing, or Quishing is becoming an increasingly common threat ,
    and often imitate real sites to trick victims into entering personal and payment information. Fraudsters were observed placing QR stickers on parking meters, for example, to trick victims into entering their payment details
    into fake parking apps.

    Talos particularly warned on malicious QR code emails, which sent fake multi-factor authentication requests, used to steal user credentials.

    QR codes in emails only make up a fraction of emails worldwide (between 0.1 %and 0.2%), but Talos found these messages disproportionately bypass
    anti-spam filters, so users see them in their inboxes much more often than you'd expect.

    Malicious URLs can be defanged by changing the protocol from http to hxxp, or adding brackets around one of the dots in the URL - this means browsers don't render the link as an active URL, and ensures users dont inadvertently follow the link. This is less common with QR codes.

    It can be done though, either by obscuring the data modules or by removing
    one or more of the position detection patterns (one of the large squares in the corner of the QR code). This makes the QR codes safe for consumption.

    Users should exercise just as much caution with QR codes as they do
    suspicious links, Talos suggests. For those who may need to use QR's regularly, there are QC decoders available online which will take screenshots of the code and allow you to closely inspect the link. You might also like Take a look at our pick of the best antivirus software around Scam Yourself attacks have fooled millions here's how not to fall victim Check out our choices for best malware removal software



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/the-majority-of-qr-codes-are-spam-new-s urvey-claims


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)