Scanning Danger: Unmasking the Threats of Quishing

Scanning Danger: Unmasking the Threats of Quishing By Shyava Tripathi, Raghav Kapoor and Rohan Shah · December 07, 2023 Phishing, a prevalent cybercrime worldwide, is responsible for as much as 90 percent of data breaches, making it a significant avenue for the theft of sensitive credentials and information. While phishing itself is not a new threat, the landscape has evolved in recent months. Interpol made a significant breakthrough in the fight against phishing by successfully shutting down '16shop', a notorious and widely used phishing-as-a-service platform in August 2023. While this takedown was a significant victory, the availability of phishing-as-a-service platforms, which offer subscription-based access and automation tools laden with phishing kits, means that virtually anyone can employ such services with minimal effort. This concerningly simplifies the launch of phishing campaigns to a few simple clicks. The proliferation of Quick Response (QR) code-based phishing attacks also adds a new layer of risk to the landscape. QR codes, originally designed for convenience and whose usage was exacerbated by contactless transactions during the COVID-19 pandemic, have become a vital tool for attackers seeking credential compromise. QR code-based phishing, or Quishing, is a type of phishing attack that employs QR codes to deceive victims. In this form of phishing, attackers distribute malicious QR codes placed in seemingly legitimate locations such as emails, websites,…Read More