Detecting Quishing

Questions and answers about how to do stuff
Post Reply
amaclach
Posts: 26
Joined: 14 Aug 2023 06:53

Detecting Quishing

Post by amaclach »

Here's a tricky one...
Does anyone know of a plugin or method for detecting QR codes in emails and if they are malicious or not (i guess the URL needs to be extracted and checked against the known phish/scam sites).
There is software that can read the QRcodes like zbarimg (in zbar-tools package in Debian)

Code: Select all

user@host:~$ zbarimg -q frame.png
QR-Code:https://quishing.zzz
OK - Great - Let's see if we can clean the output up:

Code: Select all

user@host:~$ zbarimg -q frame.png|sed 's/QR-Code://g'
https://quishing.zzz
now checking the URL against the blacklists should be relatively easy...
I have no idea what I'm doing with perl etc - does anyone fancy making a spamassassin pm to do this?
Post Reply