Home / Use cases / Malicious QR Codes

Malicious QR Codes

QR codes have become a popular method for quickly accessing websites and information but in recent times, they have become every enterprise's nemesis! Attackers use this as an Out-Of-Band (OOB) channel to get the users to visit a malicious link on their phones where conducting credential-stealing spear-phishing attacks is a lot simpler. This method of phishing is one of the riskiest as users escape the embrace of the security solutions that protect their laptops and computers. SquareX accurately detects QR codes present on the page regardless of their form and is capable of allowing, isolating or blocking it depending on the enterprise's needs.

Block QR Codes with Malicious Links

Attackers can embed malicious links within QR codes, directing users to phishing sites or downloading malware onto their devices. Blocking QR codes with malicious links ensures that employees are protected from these covert threats. Using the policy generating copilot, admins can prompt ‘Block QR Codes with malicious links’ to generate the appropriate policy. The expected outcome would be:

Block all QR Codes but allow employees to view links in isolated browsers

Have you or your colleagues received QR codes through email or social media? Attackers often use QR codes in social engineering schemes to bypass computer security. Enterprises lack tools to monitor and control QR code use. With SquareX, admins can allow, isolate, or block QR codes based on various criteria, such as site category, domain age, and even site popularity. Since many commonly used QR Code generators tend to use link shorteners, SquareX automatically unfurls QR code links to provide full visibility of the final URL. As good practice, enterprises should consider blocking most QR codes. When blocking QR codes is too restrictive, enterprises can allow link isolation. This way, employees can safely inspect the links and any file attachments within isolated cloud browsers and file viewers.