Intelligent CISO Issue 83 | Page 19

Andy Swift, Cyber Security Assurance Technical Director at Six Degrees
Why are quishing attacks so effective?
• Digital QR codes can bypass some email gateways and firewalls because they’re interpreted as harmless images.
• QR codes with fraudulent links can be printed on physical content and delivered in the post. This means they bypass all digital cybersecurity defences and are only subject to basic checks from the people in charge of sorting mail.
• There’s a low barrier to entry. Cybercriminals don’t need to write complex code to deliver a malicious link. In some instances, they can stick a fake QR code over an existing piece of physical content.
• Humans need an app to decipher QR codes. This makes fraudulent links much harder (although not impossible) to spot.
How can organisations fight back?
There’s a lack of education and basic information about quishing, so people don’t know how to identify an attack and protect themselves. So, the best thing we can do is raise awareness of the threat and keep employees informed. Here are a few tips to help do just that:
Update your cybersecurity training
Threats such as quishing prove cybercriminals have moved on. Cybersecurity training needs to do the same. For the best results, keep it engaging, to the point, easy to digest, and not too technical.
Quishing works like a standard phishing attack, but the malicious link is hidden in a QR code rather than an email link.