One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8495238 |
| Date de publication | 2024-05-07 13:42:04 (vue: 2024-05-07 14:07:26) |
| Titre | Le phishing du code QR est un problème - ce qui est pourquoi Proofpoint a introduit la simulation de phishing du code QR QR Code Phishing is a Problem-That\\'s Why Proofpoint Has Introduced QR Code Phishing Simulation |
| Texte | QR codes are a part of our everyday lives. They appear in everything from restaurant menus to payment portals. We can use them to quickly access information or perform tasks with a simple scan from our smartphones. However, the ubiquity and convenience of QR codes have also made them an attractive tool for attackers. These seemingly innocuous squares have become a Trojan horse for phishing schemes. In December 2023, Proofpoint launched new in-line threat detection capabilities to stop QR code-based threats. We did this for several reasons. First, we recognized that these attacks are highly deceptive, and existing technologies could not analyze embedded URLs with accuracy. We also understood it was highly likely that users would fall victim to these attacks, as external survey data indicated over 80% of users believe that QR codes are safe. Additionally, our own research showed that QR code attacks had already hit the mainstream. Now, we see daily QR code attack spikes reaching into the tens of thousands. So, our customers must stay vigilant about this threat. To help in that effort, Proofpoint now offers QR code phishing simulations through Proofpoint Security Awareness. You can use them to help your users learn how to recognize and proactively report real QR code phishing attempts. In this post, we will cover the basics of our simulations, and how they serve as a key pillar of our human-centric security strategy. But first, let\'s examine how QR code phishing works. The sequence of events in a QR code attack In QR code phishing, an attacker will disguise malicious URLs within a QR code and embed the QR code into an email. The email is socially engineered to convince the victim to scan the code. After the code is scanned, the victim is redirected to a fraudulent website that is designed to steal sensitive data like login credentials, credit card numbers or personal data. Overview of a QR code attack sequence. What makes malicious QR codes so hard to detect is that attackers are intentionally combining evasion tactics with malicious QR codes to evade email gateways. For example, in a recent QR code attack, threat actors hid malicious QR codes within a PDF attachment. Further, the redirected URL used evasion tactics like adding a Cloudflare CAPTCHA to appear legitimate. Threat actors know that if successfully delivered to their victim it can lead to a successful compromise and they are motivated to continue investing in evasion. The solution: QR code phishing simulation The risk of user exposure to a QR code phishing attack is high, which is why it\'s so important to educate your users about this threat. Here is where our QR code phishing simulation can help. At its core, the simulation works by using email templates that are derived from real-world attacks. Administrators can use the prebuilt templates to launch simulation campaigns that test how employees might react to a QR code attack. These simulations give users firsthand experience in how to identify, avoid and report these threats. This exercise also helps administrators understand their users\' vulnerabilities so that they can develop tailored educational plans. A sample of a QR Code Phishing Simulation template from Proofpoint. To help hone a user\'s knowledge and skills, the prebuilt templates are automatically categorized based on their difficulty level using our Leveled Phishing capability. Proofpoint is the first and only security awareness provider to combine machine learning and NIST Phish Scale research to automatically categorize the level of difficulty of our phishing simulation templates. Leveled Phishing ensures that administrators can objectively challenge a user\'s understanding of the threat. As a user\'s knowledge improves with each simulation, the administrator can continue to challenge that user by launching more, and more difficult, simulations. If the user fails a s |
| Envoyé | Oui |
| Condensat | 2023 about access accuracy across active actors adding additionally administrator administrators adopts after against all along already also always analyze appear approach are artificial assessments associated attached attachment attack attack attacker attackers attacks attempts attractive automatically avoid awareness based basics become before behavior behavioral believe block building business businesses but campaigns can capabilities capability captcha card cases categorize categorized centric challenge change character cloudflare code codes combination combine combines combining company complement complete comprehension comprehensive compromise concepts condemn conduct constant content continue continues convenience convince core could cover credentials credit critical curriculum customers cybercriminals cybersecurity daily data december deceptive delivered delivery derived designed detect detection detection develop did difficult difficulty discusses disguise documents drive each educate education education educational effort eliminate email emails embed embedded employees empower engagement engaging engineered ensures enter entry equally equip error evade evasion events ever everyday everything evolving examine example exercise existing experience experiences exposure external fails fall falling fast find first firsthand focus found fraudulent from further future gateways get give had hands happens hard has have help helps here heroes hid high highly hit hone horse how however human identify images important improve improves inbox inboxes include indicated information innocuous integrates intelligence intentionally introduced investing its just keep key know knowledge launch launched launching lead learn learning legitimate let level leveled like likely line lives login machine made mainstream make makes malicious maximize may menus message messages might mitigate modules moments” moment” more motivated move multilayered must need new nist not now numbers objectively ocr offers often one only optical out over overview own parse part payment pdf pdfs people perform personal phish phishalarm phishing pillar plans point portals positive post practical pre prebuilt predelivery prevent preventing proactively problem programs proofpoint proofpoint protect protection provided provider provides quickly reach reaching react real reasons receive recent recognition recognize recognized redirected reduce reinforce remediation remediation remove report research resilience resilient respond restaurant right risk risks safe sample sandboxing scale scan scanned scanning schemes security see seemingly sensitive sequence serve several showed significant simple simulation simulation simulations sizes skills smartphones socially solution solution: specific spikes spread spur squares stay steal step stop strategy strategy successful successfully survey suspicious tactics tailored take takes tasks teach technologies template templates tens test that them theoretical these thousands threat threats through time tips to: today tool tools traditional training trojan two ubiquity understand understanding understood url urls use used user users using victim video vigilant vulnerabilities way website well what when where which why wild will within word works world worry would your “teachable |
| Tags | Threat Tool Vulnerability |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.