The majority of QR codes are spam, new research shows
- New research claims that most QR code emails are spam
- QR codes can easily bypass anti-spam filters, Cisco Talos warns
- Quishing attacks are becoming increasingly common
The dangers of clicking on an unknown or suspicious link should have dawned on most of us by now, but many don’t realize that scanning a malicious QR code from an unknown source can be just as harmful.
Although QR codes have been steadily gaining popularity in recent years, research from Cisco Talos has claimed that many people still don’t think about the threats they could pose.
A driving factor for this is the fact that anti-spam filters are not designed to recognize that a QR code is present in an image, thus overwhelmingly evading detection. The team says that while only 1 in 500 emails contains a QR code, as many as 60% of them are spam.
‘Quishing’ threats
QR code phishing, or ‘Quishing’, is becoming an increasingly common threat, often impersonating real sites to trick victims into entering personal and payment information. Fraudsters were observed placing QR stickers on parking meters to trick victims into entering their payment details into fake parking apps.
Talos specifically warned about malicious QR code emails, which sent fake multi-factor authentication requests, which were used to steal user data.
QR codes in emails make up only a fraction of emails worldwide (between 0.1% and 0.2%), but Talos found that these messages disproportionately bypass anti-spam filters, meaning users receive them in their inboxes much more often see than you would expect.
Malicious URLs can be defanged by changing the protocol from ‘http’ to ‘hxxp’, or by adding parentheses around one of the periods in the URL. This means that browsers don’t display the link as an active URL, and it keeps users from doing so. Don’t accidentally follow the link. This is less common with QR codes.
However, it can be done by hiding the data modules or removing one or more position detection patterns (one of the large squares in the corner of the QR code). This makes the QR codes safe for consumption.
Users should be as careful with QR codes as they are with suspicious links, Talos suggests. For those who need to use QRs regularly, there are QC decoders available online that take screenshots of the code so you can closely inspect the link.