Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/todb/statuses/113068236402556596">Tod Beardsley (todb@infosec.exchange)'s status on Monday, 02-Sep-2024 23:45:58 JST</a><a href="https://infosec.exchange/@todb" title="todb@infosec.exchange"><img src="https://gnusocial.jp/avatar/29830-48-20250416134507.webp" width="48" height="48" alt="Tod Beardsley" style="position: absolute; left: 0; top: 0;">Tod Beardsley</a></section><article><p>So this is neat.</p><p>1) Some (all?) antispam/counterphishing email scanners are blind to <a href="https://infosec.exchange/tags/QRCode" rel="tag">#QRCode</a> content. </p><p>2) You can draw working QRCodes with Unicode character sets, thus avoiding an image parser entirely, even if the scanner could process images in the first place. </p><p>3) By providing QRCode links, the attacker encourages the victim to use their personal device rather than the workstation, making defensive tracking more complicated.</p><p>I think it’s hilarious that a format designed SPECIFICALLY for machine vision is being used to evade machine interpretation.<br><a href="https://infosec.exchange/@patrickcmiller/113067302631450126">https://infosec.exchange/@patrickcmiller/113067302631450126</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3603364#notice-7067084">In conversation</a><time datetime="2024-09-02T23:45:58+09:00" title="Monday, 02-Sep-2024 23:45:58 JST">about 8 months ago</time> <span>from <span><a href="https://infosec.exchange/@todb/113068236402556596" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@todb/113068236402556596">permalink</a><h4>Attachments</h4><ol><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="https://infosec.exchange/@patrickcmiller/113067302631450126">Patrick C Miller :donor: (@patrickcmiller@infosec.exchange)</a></h5><div> from <span>Patrick C Miller :donor:</span></div></header><div>New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials https://thehackernews.com/2024/08/new-qr-code-phishing-campaign-exploits.html</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Tod Beardsley (todb@infosec.exchange)'s status on Monday, 02-Sep-2024 23:45:58 JST Tod Beardsley
So this is neat.
1) Some (all?) antispam/counterphishing email scanners are blind to #QRCode content.
2) You can draw working QRCodes with Unicode character sets, thus avoiding an image parser entirely, even if the scanner could process images in the first place.
3) By providing QRCode links, the attacker encourages the victim to use their personal device rather than the workstation, making defensive tracking more complicated.
I think it’s hilarious that a format designed SPECIFICALLY for machine vision is being used to evade machine interpretation.
https://infosec.exchange/@patrickcmiller/113067302631450126
In conversationabout 8 months ago from infosec.exchangepermalink
Attachments
1. No result found on File_thumbnail lookup.
  Patrick C Miller :donor: (@patrickcmiller@infosec.exchange)
  from Patrick C Miller :donor:
  New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials https://thehackernews.com/2024/08/new-qr-code-phishing-campaign-exploits.html

Public

Embed Notice

HTML Code

Corresponding Notice