https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
    • IWCE’s Video Showcase
    • IWCE 2022 Winter Showcase
    • IWCE 2023 Pre-event Guide
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookie Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
    • IWCE 2023 Pre-event Guide
    • IWCE 2022 Winter Showcase
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Terms of Service
    • Privacy Statement
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Security


Partner content

QR codes help attackers sneak e-mails past security controls

QR codes help attackers sneak e-mails past security controls

  • Written by Jai Vijayan / Dark Reading
  • 28th October 2021

Researchers have observed an attacker using a technique they hadn’t previously seen to attempt to sneak phishing emails past enterprise security filters.

Abnormal Security, which reported the campaign this week, says between Sept. 15 and Oct. 13 it detected and blocked some 200 emails that contained a QR code — instead of the usual malicious attachment or URL link — to try and drive users to a phishing website.

The emails contained a message that described the QR code as offering access to a missed voicemail and appeared designed to bypass enterprise email gateway scans that are typically only geared to detect malicious attachments and links.

All of the QR code images that Abnormal detected were created the same day they were sent. This made it unlikely that the QR codes, even if they had been detected, would have been previously reported and included in any security blacklist, the security vendor said in its findings.

The use of QR codes in phishing emails is quite rare,” says Crane Hassold, director of threat intelligence at Abnormal Security. Threat actors in the past have used images that appeared to be QR codes but were, in fact, hyperlinks to a phishing site. Some phishing operators have also used QR codes in physical locations to try and drive users to a malicious website.

“But this is the first time we’ve seen an actor embed a functional QR code into an email,” Hassold says.

The Better Business Bureau (BBB) in July warned of a recent uptick in complaints from consumers about scams involving the use of QR codes. Because the codes cannot be read by the human eye, attackers are increasingly using them to disguise malicious links, the BBB said.

To read the complete article, visit Dark Reading.

 

Tags: Applications Critical Infrastructure Cybersecurity Enterprise Federal Government/Military News Public Safety Security Software State & Local Government System Operation Test & Measurement Tracking, Monitoring & Control Training Partner content

Most Recent


  • Cyberattack closes emergency rooms in three states
    Ardent Health says it was the target of a cyberattack over Thanksgiving, in an incident that shut down the hospital operator’s emergency rooms in three states. The hospital operator, which oversees 30 hospitals in the U.S., said the attack was detected on the morning of Nov. 23 and was identified as a ransomware attack impacting […]
  • General Electric, DARPA hack claims raise national-security concerns
    General Electric and the Defense Advanced Research Projects Agency (DARPA) have reportedly been breached, according to claims on the Dark Web that the organizations’ highly sensitive stolen data is up for sale. A screen capture from the Dark Web ad shows a threat actor named IntelBroker selling access credentials, DARPA-related military information, SQL files, and more. GE confirmed to […]
  • More 2G and 3G shutdowns loom in the U.S.
    UScellular and Cellcom recently set dates to shutter their aging wireless networks. The smaller network operators are following in the footsteps of their bigger, nationwide rivals, which are making similar moves. On its website, UScellular said it would shutter its 3G CDMA network on January 14, 2024. “Major wireless carriers have already shut down their […]
  • Report: Local cybersecurity programs are facing headwinds as threats, technologies evolve
    The evolving technological landscape isn’t just changing the nation’s social and economic norms, it’s also pushing local governments to adapt. A new analysis from the Public Technology Institute provides a snapshot of the challenges local cybersecurity programs are facing, and the priorities of city and county administrators as they guide organizations through an unprecedented era […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • 6 eye-opening statistics about software supply-chain security
  • SolarWinds attacker targets cloud service providers in new supply-chain threat
  • Cloud security is key to cybersecurity resilience in state and local governments
  • Damages escalate rapidly in multi-party data breaches

Commentary


Land mobile radio (LMR) systems are just as vulnerable to cyberattacks as any other networks used in the public-safety sector. Here’s what to do about it.

  • 1
7th November 2023

September 3GPP Plenary meetings feature Release 18 progress, Release 19 beginnings

13th October 2023

Better technology can help solve the public-safety staffing crisis

26th June 2023
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.