Brutkey

Dan Goodin
@dangoodin@infosec.exchange
Email from PR person: Dan, From restaurant menus to package delivery, wedding invitations to identity authentication, QR codes are everywhere. They provide the quickest way to drive mobile web traffic when you can’t have a direct link. And right behind every popular tech trend lurks the bad guys. QR code phishing (where folks download a fraudulent QR code which tricks them into downloading malware or sharing sensitive information) is an emergent threat that is evading traditional defenses and forging a new way for users to click on attacks. This attack technique, along with exec impersonations, spear phishing, and social engineering, has become one of the top concerns for email threat defense. The problem? Well, there’s two: Traditional email security providers have difficulty detecting them This attack method also creates an additional security blind spot. QR codes are usually scanned using a separate device than where the email was delivered. Smartphones, whether personal or not, are less likely to have robust security technology in place for prevention or detection. In a single day, cloud email security provider Tessian stopped over 3k QR code phishing attacks in their tracks. Are you interested in connecting with them on the five methods to thwart QR phishing attacks? Best, bbc661bc80d669b9.jpg