Expert Comment: PSNI issue Crime Prevention Warning on "Quishing"
After the news that the Police Service of Northern Ireland (PSNI) Cyber Crime Centre issued as Crime Prevention Notice on “Quishing” due to an increase in Quishing attempts over recent weeks. Olesia Klevchuk from Barracuda comments on the rise of these QR code phishing attacks and the preventative measures organisations can take to avoid falling victim to a Quishing attack.
The Crime Prevention Warning from the PSNI is a reminder that QR code phishing attacks – or “Quishing” – are currently on the rise and present a significant threat to users and organisations alike. We are seeing an increasing danger around QR code attacks as they become more sophisticated, complex, and harder to detect.
Quishing attacks trick recipients into visiting malicious websites or downloading malware onto their devices. What makes them particularly dangerous, is that they’re difficult to detect using traditional email filtering methods.
Using AI and image recognition technology is one of the ways to detect these attacks. A fake QR code is usually not the only sign of a malicious email. AI-based detection will also take other signals into account – such as senders, content, image size, and placement – to determine malicious intent.
Education is also important so that users can play their part in identifying a potential Quishing attack. Users should exercise caution when scanning QR codes delivered through email or other methods. If your users must scan QR codes, recommend they download a reputable QR code scanner from a trusted app store.
If QR code attacks are not part of your security awareness training yet, it’s important to address this and include them.