Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block QR codes in body or attachment of email?

Hi Sophos,

As subject, is it possible within the Central Email Gateway product to quarantine emails if they contain QR codes in the attachment or body of email?

Thanks



This thread was automatically locked due to age.
Parents Reply Children
  • Hi Sophos,

    This is a very big hole in Sophos Email filtering capability. It should be a high priority as it bypasses URL filtering, if a code is scanned it is on a device that likely has a standalone internet connection outside of a firewall via SIM. It should be possible to do image analysis to detect and block QR codes in email without needing to block all types of image files. We see a hugely increased volume of QRishing taking place which is coming through Sophos Email filter.

    Can Sophos on Android or iOS mitigate this problem by filtering a malicious URL on a mobile device if a QR code is scanned from an email which is allowed through Sophos Email filter?

    Thanks

  • It is a high priority and we are already in discussions with our developers and Sophos Labs to integrate QR code inspection and control in our product. I will update this community as we get closer to releasing a solution for this.