The QR Phishing feature in the PHISH product allows you to simulate phishing attacks using QR codes. You can choose from pre-existing templates or create customized QR phishing emails using the new visual editor or HTML.
How to send QR phishing emails
Create a Phishing campaign following the usual steps. See the detailed guide here. The difference selecting QR emails in the Content step.
Once the campaign is active, users will start receiving emails with QR codes they can scan.
Email clients have image load enabled to view the QR code.
Recipients can scan the code will be shown the landing page assigned to the email.
Scans are treated as clicks in reporting.
Email template options
Option 1: Use CybSafe pre-built templates
Select a QR phishing template from the list of available options. Templates are identified by the [QR]
tag.
You can duplicate and adjust templates that aren’t quite right for your needs.
Option 2: Use the visual editor
Create a new email using the Visual editor. See the detailed guide here. Add the available QR code block to the email.
Option 3: Using HTML
If you prefer to create your own QR phishing templates using HTML, you can use the following code snippet:
<img height="300" width="300" src="{{phishing_qrcode_url}}" alt="QR code">
To make the QR code clickable, wrap it in an anchor (<a>
) tag linking to the phishing email URL:
<a href="{{phishing_email_url}}"> <img height="300" width="300" src="{{phishing_qrcode_url}}" alt="QR code"> </a>
Best Practices
Always test your QR phishing templates before deploying them to a broader audience.
Use the visual editor for quick and easy customization, and opt for HTML if advanced customization is required.
Ensure that all QR codes are appropriately linked to relevant phishing scenarios for seamless tracking.