This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
zaoar
Participant
‎2024-05-30 07:14 AM

Threat Prevention - decoding QR Codes

Hi all,

So i was reading the below article and made me wonder 

The Evolution of QR Code Phishing: ASCII-Based QR Codes  (avanan.com)

 

i have a Sandblast appliance working as MTA and I was wondering if it is able to decode QR codes and protect me and if so which blade is responsible for it? 

I would expect Threat emulation maybe?

 

The above article suggests:

  • implement security that automatically decodes QR codes embedded in emails and analyzed the URLs for malicious content 
  • Utilize security that rewrites the embedded QR code in the email body and replaces it with a safe, re-written link 
  • Implement security that utilizes advanced AI to look at multiple indicators of phishing

 

What CP products will cover me for the above?

 

Thanks in advance

 

0 Kudos
3 Replies
Jonathango
Employee
Employee
‎2024-06-02 12:35 PM

Harmony Email & Collaboration - Check Point's solution for Microsoft 365 / Google Workspace email and collaboration applications security - does. 

You can feel free to start a trial here

0 Kudos
zaoar
Participant
‎2024-06-04 03:09 AM
In response to Jonathango

So my current solution - sandblast MTA -  is not reading/recoding the QR codes and as i understand the Email and Collaboration is only for cloud mail provider. Not for on premise .

Correct?

0 Kudos
PhoneBoy
Admin
Admin
‎2024-06-05 06:30 PM
In response to zaoar

Correct, HEC does not support on-premise mail servers.
Threat Emulation does not currently emulate image files, which I assume would be necessary to scan/analyze QR Codes.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events