G A U G I N G T H E M A R K E T
G A U G I N G T H E M A R K E T
Why are quishing attacks so effective ?
• Digital QR codes can bypass some email gateways and firewalls because they ’ re interpreted as harmless images .
• QR codes with fraudulent links can be printed on physical content and delivered in the post . This means they bypass all digital cybersecurity defences and are only subject to basic checks from the people in charge of sorting mail .
• There ’ s a low barrier to entry . Cybercriminals don ’ t need to write complex code to deliver a malicious link . In some instances , they can stick a fake QR code over an existing piece of physical content .
• Humans need an app to decipher QR codes . This makes fraudulent links much harder ( although not impossible ) to spot .
How can organisations fight back ?
There ’ s a lack of education and basic information about quishing , so people don ’ t know how to identify an attack and protect themselves . So , the best thing we can do is raise awareness of the threat
QUISHING WORKS LIKE A STANDARD PHISHING ATTACK , BUT THE MALICIOUS LINK IS HIDDEN IN A QR CODE RATHER THAN AN EMAIL LINK . and keep employees informed . Here are a few tips to help do just that :
Update your cybersecurity training
Threats such as quishing prove cybercriminals have moved on . Cybersecurity training needs to do the same . For the best results , keep it engaging , to the point , easy to digest , and not too technical .
Give some extra time to younger employees
This isn ’ t because they ’ re naïve – they ’ re probably more tech-smart than us in many ways . But they suffer far more from notification and alert fatigue than their older colleagues . That ’ s thanks in great measure to those endless ( and seemingly meaningless ) cookie acceptance buttons , which have trained an entire generation to mindlessly tick , click and wave through
18 www . intelligentfin . tech