CyberWire Daily Quishing for trouble. [Research Saturday]
Dec 21, 2024
Adam Khan, VP of Security Operations at Barracuda, shares insights on the alarming rise of QR code phishing, dubbed 'quishing'. He highlights how cybercriminals embed malicious QR codes in emails, tricking users into revealing their credentials. With over half a million phishing attempts detected, major brands like Microsoft and DocuSign are often impersonated. Khan emphasizes the importance of multilayered email security, AI detection tools, and employee education to combat these evolving threats.
AI Snips
Chapters
Transcript
Episode notes
QR Code Usage
- QR codes are becoming increasingly common, replacing traditional menus in some restaurants.
- Businesses are also using QR codes to engage customers and promote products or services.
Quishing Explained
- QR code phishing, or "quishing", involves attaching QR codes to phishing attacks.
- QR codes are becoming more common in daily life, and cybercriminals are exploiting this growing familiarity.
Phishing Email Analysis
- Barracuda research analyzed over half a million phishing emails with QR codes between June and September 2024.
- Most impersonated brands like Microsoft, DocuSign, and Adobe, exploiting trust and urgency.