QR Phishing

QR Phishing

QR-based phishing “QRishing”: 

It is a known technique used by cybercriminals to elude phishing filters and security solutions that are built to stop such attacks before the malicious emails reach the targets inboxes. 
Scanning QR code may open a notification on your phone screen to follow a link. Like other phishing types of scams, hackers will do their best to make that link look legitimate. They may alter a familiar company name so that it looks like it come from that company.

  • How to prevent QR code phishing attacks?  

  1. Check if there is a sticker have been placed on top of genuine QR code.
  2. Check the URL address after scanning a QR code. If it is shortened it might be malicious. 
  3. You should always make sure that a website secured and starts with https://   



  • The most familiar uses of these codes, especially post-Covid, include:  

  1. Accessing a restaurant menu on your phone.  
  2. Confirming your reservation at a theme park or other venue.  
  3. Getting your boarding pass or health questionnaire scanned at the airport.  



How to do QR Phishing campaign:


A QR-phishing campaign's main goal is to scan phishing URL's from phishing targets and monitor how do targets react to the phishing. You can create QR-Phishing with the following:


First step to create campaign is log in to your account in phishguard, then do the following: 

  1. Choose Campaigns in the side navigation bar.
  2. Click QR Code Campaigns.


Then click New QR Campaign, you can create several campaigns.



After that you can choose name of the campaign, enter how many QR code's will be used to this campaign and choose the land page you want to be shown.



When you click Lunch Campaign It will be scheduled. 



This photo shows that the campaign you created is active or archived, Created Date, If its created or no, and how many times scanned.  



To Install QR Phishing


You need to download QR-Code image to scan it.

 

1- Click view results 


2- In the details of the campaign, you should download the campaign.


3- Image of QR-Code will be downloaded.


4- Here is the QR-Code.


Tracking Campaign


You can track the campaign you created to see who open it and when in a timeline 


the image below shows:


1- status of campaign.

2- if you click the arrow it will drop-down the results of the campaign.





    • Related Articles

    • Create Phishing Campaign

      Create Phishing Campaign A phishing campaign's main goal is to send phishing messages to phishing targets and monitor how do targets react to the phishing. To do so, we need to have a sending address, message template and a landing page. If theses ...

    • NFC Tags Phishing

      NFC Tags Phishing: The Near Field Communication (NFC) is a set of standards for mobile devices designed to create radio communication with each other by being touched together or brought within a short distance. NFC is a technology that allows us, ...

    • PhishGuard - Phishing Simulation Tool

      PhishGuard is a cloud, or on-premise, software that provides comprehensive phishing simulation solution which aims to empower your employees and shield your organization. PhishGuard allows the organization to measure and improve the security ...

    • Whitelisting PhishGuard in Microsoft 365 (Advance Delivery)

      Whitelisting IPs, Senders, and URLs in Phishing Simulation Advanced Delivery for Microsoft 365 This article shows how to whitelist IPs, Senders, and URLs in Phishing Simulation Advanced Delivery for Microsoft 365. In Microsoft 365's Advanced Delivery ...

    • View Campaign Results

      View Campaign Results The campaign results will provide you with an overview of the campaign status as well as detailed results for each target in the campaign. To view a campaign result for a campaign you have created before: Login using your ...