10-03-2023 01:28 AM
Hello ppl,
any ideas on QR (Quishing) protection with ESA SEGs topic?
Looks like that even with Image-Analysis feature, SEGs are not able to scan (suspicious) URLs encoded as QRs in message embedded pictures.
There is a feature request [CSCvs55128] since 2019, but looks like we haven't any progress on this field.
Any fresh update is highly appreciated.
thanks and regards,
Chris
10-03-2023 10:21 AM
I'm going to second this request. Attackers are adapting. We are seeing a MAJOR uptick in the number of emails that are purely image-based with zero textual component. This is an abhorrent weak point with the ESAs and is requiring organizations such as ours to seek out this feature in competitor products.
To compound this issue, these image-only email attacks using QR codes introduce additional strain on any company's last line of defense (the end user) to recognize malicious/phishing emails that have made it past the ESAs. Many companies are working toward cloud-based solutions that require MFA products which can use QR codes which are indistinguishable to the naked eye. Our organization must now be increasingly cautious with any legitimate use of QR codes or solutions that use them until this gaping hole in the ESAs is addressed.
Time to stop buying competitors and enhance what you already provide.
11-23-2023 03:07 AM
push
01-03-2024 11:13 AM
Please add this feature
01-11-2024 06:55 PM
Please add this feature
02-05-2024 12:05 AM
Don'.t want to call this a feature, but a core requirement anno 2024
This is already a major attack vector and the lack of response is ridiculous. Has cisco been sleeping ?
An option to just identify and block QR's in general would also be appreciated.
02-13-2024 11:58 PM
Cisco is falling behind in this area. Agree with JvBNL, this isn't a feature request but a basic core requirement. It's just silly that Cisco chooses to ignore this attack vector.
04-25-2024 09:50 AM
This is a a fundamental need at this point, and I think I've done as much customizing as I can to deal with this. At some point, Cisco need to step up.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide