QR Code Phishing
QR Code Phishing (Quishing)
Detecting malicious QR codes embedded in emails and documents.
Attackers are increasingly using QR codes in phishing emails (e.g., "Scan to enable 2FA") because they bypass traditional text-based email filters.
MALICIOUS
Image-Based Threat Detection
Arx doesn't just read text; it "looks" at the webpage. Our extension automatically scans visible images for QR code patterns.
Decodes QR content locally
Analyses the hidden URL
How It Works
- Scanning: When a user opens an email or a PDF in their browser, Arx silently scans specific image elements for QR patterns.
- Decoding: If a code is found, it is decoded into a URL (e.g.,
http://malicious-site.com/auth). - Evaluation: This URL is then run through the same rigorous checks as a normal clickable link.
- Intervention: If the URL is malicious, Arx overlays a warning on top of the QR code image itself, preventing the user from scanning it with their phone.
Why is this critical? When a user scans a QR code with their phone, they are moving the attack from a protected corporate laptop to an often unmanaged personal mobile device. Arx stops the attack before it leaves the managed environment.