So I saw an article online about the resurgence of quishing. As phishing attacks evolve, cybercriminals are turning to advanced techniques, including the use of QR codes, CAPTCHAs, and steganography, to deceive individuals into compromising sensitive information or downloading harmful software.
Quishing merges QR codes with phishing: malicious links are hidden inside QR codes, which sidesteps standard spam filters and security controls. When a victim scans the QR code, usually with a smartphone, they are directed to a phishing website or prompted to download malware.
Quishing is particularly dangerous because:
Evasion of Traditional Security: QR codes can bypass standard spam filters and security measures that are designed to detect text-based phishing attempts.
Deceptive Appearance: QR codes appear harmless and are a common tool in legitimate marketing and information dissemination, which can lower the guard of potential victims.
Difficulty in Verification: It's challenging to determine the legitimacy of a QR code before scanning it, unlike a URL where dubious elements can sometimes be identified by examining the link text.
The combination of these factors makes quishing a potent and deceptive method for cybercriminals to exploit. So I thought I should investigate this technology and learn HOW these QR codes are created and how they circumvent image download blocking in email clients.
The answer is using Unicode characters rather than an image. If we just make a QR image file, email clients such as Outlook will block the image from being displayed. However, if we can draw the QR code in normal text characters, it avoids not only the blocking of suspicious links but also the blocking of image downloads. To achieve this I used the segno library in Python to create a QR code in Unicode format.
The simple script takes your chosen URL at line 24 and, once run, encodes the URL in a QR code and outputs that code in Unicode format.
If you look closely, you can see that the output is not a normal image.
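The flip side of this evasion is that a QR code drawn in text has a very distinctive shape: a run of consecutive lines made almost entirely of Unicode Block Elements (the ▀ ▄ █ characters libraries such as segno use for compact terminal output) and spaces. An image-blocking rule never sees it, but a body-text rule can. The following detector is an added example, not code from the original post or from the segno project; the character classes, the minimum row count and the width tolerance are my own assumptions, and the sample emails (including the block-character pattern, which is not a scannable QR code) are constructed inline so it runs offline.

```python
"""Flag e-mail bodies that carry a QR code rendered as Unicode text.

Added example, not part of the original post. The detection thresholds are
assumptions chosen for illustration, not a vendor's published rule.
"""
import re

# Unicode Block Elements (U+2580..U+259F) plus the black/white squares
# (U+25A0, U+25A1) some libraries use. Text-rendered QR codes are drawn from
# these characters; the white modules and quiet zone are spaces.
ROW_SHAPE = re.compile(r"[\u2580-\u259F\u25A0\u25A1 \t]+")


def is_grid_row(line: str) -> bool:
    """True if the line consists only of module characters and whitespace
    and contains at least one module character (i.e. one QR row)."""
    stripped = line.rstrip("\r\n")
    return bool(stripped.strip()) and ROW_SHAPE.fullmatch(stripped) is not None


def find_text_qr_grids(body: str, min_rows: int = 10, width_tolerance: int = 2):
    """Return [(first_line, last_line, width)] for every run of at least
    `min_rows` consecutive grid rows of roughly equal width (0-based lines).

    The smallest QR symbol is 21 modules on a side; even with half-block
    rendering (two module rows per text line) that is at least 11 text rows,
    so min_rows=10 keeps single-line separators and progress bars out.
    """
    lines = body.splitlines()
    grids = []
    i = 0
    while i < len(lines):
        if not is_grid_row(lines[i]):
            i += 1
            continue
        start = i
        widths = []
        while i < len(lines) and is_grid_row(lines[i]):
            # Trailing spaces are often stripped in transit, so widths of a
            # real grid vary by a column or two; allow that but not more.
            w = len(lines[i].rstrip())
            if widths and (w > min(widths) + width_tolerance
                           or w < max(widths) - width_tolerance):
                break  # a differently sized block starts a new run
            widths.append(w)
            i += 1
        if len(widths) >= min_rows:
            grids.append((start, start + len(widths) - 1, max(widths)))
    return grids


def looks_like_quishing(body: str) -> bool:
    """Convenience verdict for a mail filter: any text-QR grid found?"""
    return bool(find_text_qr_grids(body))


def _synthetic_grid(rows: int = 12, cols: int = 21) -> str:
    """Constructed test input: a block-character pattern shaped like a text
    QR code. It is NOT a scannable QR code, just something to detect."""
    return "\n".join(
        "".join("█" if (r * 7 + c * 3) % 5 < 3 else " " for c in range(cols))
        for r in range(rows)
    )


# Constructed sample messages (no real sender, links or campaign data).
BENIGN_MAIL = (
    "Hi team,\n\nThe Q3 report is attached. Let me know if you have "
    "questions.\n\nThanks"
)
SUSPECT_MAIL = (
    "Your mailbox storage is full.\nScan the code below to keep receiving "
    "mail:\n\n" + _synthetic_grid() + "\n\nIT Helpdesk\n"
)

if __name__ == "__main__":
    for name, mail in (("benign", BENIGN_MAIL), ("suspect", SUSPECT_MAIL)):
        print(name, find_text_qr_grids(mail), looks_like_quishing(mail))
```

The detector does not try to decode the symbol; it only recognises the shape, which is enough to route the message to a sandbox or quarantine queue where the grid can be rendered to an image and decoded with a normal QR reader and the resulting URL run through the same checks a link in the body would get.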
You can see the project on my GitHub.