How QR code ease of use has broaden the attack surface

2022-02-16 07:00

In this interview with Help Net Security, Neil Clauson, Regional CISO at Mimecast, talks about the threats of QR code phishing, explains the vulnerabilities of such technology and how to make sure not to fall prey to such attack.

In the case of QR codes being used as a form of payment, the FBI warned that cybercriminals can use tampered QR codes to redirect payments, stealing victim funds for their own personal use.

Legitimate QR codes are typically leveraged for their ease of use - you simply point your phones camera at the code and it's instantly scanned taking you to the desired webpage.

How can QR codes be used to execute a phishing attack?

In general, any QR code in an email should be considered suspicious - a legitimate sender would have just sent the actual URL, and is most likely trying to circumvent URL scanning solutions, many of which do not currently analyze QR codes.

While naturally, they may not think of a QR code as a malicious attack vector, you can teach them of the dangers related to scanning a code, and just how costly that can be.

News URL

https://www.helpnetsecurity.com/2022/02/16/qr-code-phishing/

#attack #QR #qrcode

News URL

Related news