Mimecast Announces Enhancements to QR Code Protections
February 2024 by Marc Jacob
Mimecast Limited announced that it has enhanced its Quick Response (QR) code protections to better serve current and future customers. Mimecast Email Security is now engineered to include deep scanning of URLs tied to QR codes, and upon inspection, malicious content will be blocked.
In 2023, there was a massive uptick in QR code attacks, commonly referred to as ‘quishing’, and there are no signs the attack method will slow down in 2024. Threat actors deliver emails with QR codes that point to fake sites in an effort to steal credentials or perform other malicious activities. These attempts are difficult to detect as often people do not view QR codes as a danger, they have become commonplace for many legitimate uses such as restaurant menus, sign-up forms, and other useful online activities.
According to Mimecast’s Global Threat Intelligence Report, overall attacks with malicious links increased by 22% in Q3 of 2023 compared to Q2. Mimecast threat intelligence, based on the processing of more than one billion emails per day on behalf of 42,000 global customers, found that inserting QR codes into the body of an email to deliver malicious links is a widely used tactic by cybercriminals and threat actors.
These new product enhancements directly address this issue, as Mimecast email security is designed to identify QR codes in the body of an email and extract the URL for deep scanning. Enhanced ‘quishing’ protection will help employee inboxes stay safe, further enabling customer organizations to Work Protected.
Deep scanning of QR code URLs is now live within Mimecast Email Security, and more enhancements to combat ‘quishing’ will follow.