How does Abnormal see a URL hidden inside a QR code?

Detection is two-layered. First, behavioral AI evaluates sender anomalies, recipient targeting, content patterns, and the communication graph — most quishing attacks are caught on these signals alone, before any QR is decoded. Second, a dedicated QR decoder extracts and evaluates URLs from image, PDF, and DOCX attachments to add signal strength.

Does this work even when the QR is split across images?

Yes — through the behavioral layer. The QR decoder doesn't reassemble split or nested QR codes across files, but the behavioral AI still catches the attack on sender, content, and recipient-targeting anomalies. Image processing for evasion patterns continues to improve across the federated network.

What happens if the user scans before we detect the threat?

Abnormal's behavioral baseline typically flags quishing emails before delivery — most never reach the inbox. For the rare delivered case, the platform auto-remediates on detection: removing the message from every mailbox it touched and locking any account that scanned, in under six seconds.

Will this block legitimate QR codes — calendar invites, payment receipts?

Near-zero false positives. Per-identity behavioral baselines distinguish a legitimate vendor receipt from an impersonation attempt by reading the sender history, communication pattern, and content intent — not by blanket-blocking QR codes.

Do we still need user training for quishing if Abnormal blocks it?

Training is a defense-in-depth layer, not a substitute for detection. Abnormal handles the detection burden; training programs (including AI Phishing Coach) reinforce healthy scanning habits for the messages that legitimately reach users.

Detect QR Code Attacks

The Attack Your Filters Can't Read

Quishing emails carry no link, no attachment, no payload — just a QR code that ferries your user to a credential phishing site from their personal phone, completely off your platform.

Request a Demo

Of attacks bypassing native spam filters use QR codes as the payload

Abnormal Threat Intelligence

Of QR code attacks are credential phishing impersonating Microsoft, Google, or DocuSign

Abnormal Threat Intelligence

<0s

API deployment, no MX changes, no mail rerouting

Abnormal Platform

Take A Product Tour

The Challenge

Why URL Filters Can't See QR Code Attacks

QR Codes Hide Malicious URLs Inside Images

Email URL filters scan text — QR codes are images, so the malicious destination never gets inspected before delivery.

Users Scan from Personal Phones, off Your Stack

Once the user lifts their phone to scan, the attack leaves your managed device entirely — no EDR, no proxy, no DNS filter.

Attackers Wrap QR Codes in MFA and IT Pretexts

Quishing emails impersonate Microsoft, Okta, and DocuSign — exactly the QR-prompted workflows users are trained to trust.

Sandbox Post-Click Detection Arrives Too Late

Sandboxes that detonate URLs after delivery never see the QR scan because the click happens off-device.

Image OCR Is Easy to Defeat with Format Tricks

Attackers split QR codes across multiple images, rotate them, or embed them in PDFs to evade basic OCR scanners.

Real Incident

AAquishingquishingemailemailimpersonatingimpersonatingMicrosoftMicrosoftMFAMFAenrollmentenrollmentlandedlandedinin280280inboxes,inboxes,harvestedharvested4747setssetsofofcredentials,credentials,andandtriggeredtriggeredthreethreeaccountaccounttakeoverstakeovers——everyeveryemailemailpassedpassedSPF,SPF,DKIM,DKIM,andandDMARC.DMARC.

Based on a real customer incident

The Solution

An Abnormal Approach to Stopping QR Code Attacks

Scores sender behavior, recipient targeting, and credential-reset content against per-identity baselines, catching most quishing before any QR code is even parsed.
Decodes QR codes hidden in images, PDFs, and attachments, then evaluates the destination URL with the same engine that inspects text-based links.
Recognizes the MFA-enrollment and password-reset pretexts attackers rely on, flagging them against the sender's true identity graph.

Core Capabilities

How Abnormal Stops Quishing

Catch the Attack, Decode-Free

Per-identity baselines across 45,000+ signals score sender anomalies, MFA/credential-reset content patterns, and recipient targeting — most quishing is caught before any QR parsing runs.

Decode + Evaluate Embedded URLs

A dedicated decoder extracts QR codes from image, PDF, and DOCX attachments and feeds the URL into the same detection engine that evaluates textual links — signal-additive, not signal-dependent.

Threats Gone in Under 6 Seconds

When a quishing email is detected post-delivery, Abnormal removes it from every mailbox it touched and locks any account that scanned — no analyst action required.

View Platform Overview

Over 25% of the Fortune 500 Trust Abnormal AI to Make Automated, Critical Security Decisions

Customer Voice

Real Results from Security Teams

“Abnormal's automation gives our analysts time back to work on other projects, and the fact that it's API-based gives us flexibility to tie in other applications and their data.”

John Roeser

Senior Manager, Information Security, Domino's

“Our goals are to get away from being so reliant on human judgment and leverage AI to be proactive. Abnormal helps us with those goals.”

Corey Kaemming

Senior Director, Information Security, Valvoline

Abnormal powers over 4,500 customers, including over 25% of the Fortune 500.

Customer Stories

FAQ

Related Resources

Webinars

The Detection Gap: Why AI-Powered Attacks Are Winning Against Legacy Email Security

Watch this on-demand webinar to learn how AI-powered BEC attacks bypass secure email gateways, and how behavioral AI can detect what legacy tools miss.

White Papers

The Essential Guide to Human Risk Management

Learn why traditional security awareness training fails to reduce real-world risk and how modern human risk management helps organizations measure and reduce risky behavior over time.

Data Sheets

Displace Your Secure Email Gateway

Stop sophisticated email attacks that target your employees using native cloud-based email security plus Abnormal.

View All Resources

See the Quishing Your Filters Are Missing

Deploy in 60 seconds via API. No MX changes. Decode the QR-based attacks your gateway can't read.

Request a Demo

Identity & AI Security

Platform

Product Resources

Support

Featured

Thought Leadership

Featured

Company

News & Events

Featured

The Attack Your Filters Can't Read

Why URL Filters Can't See QR Code Attacks

QR Codes Hide Malicious URLs Inside Images

Users Scan from Personal Phones, off Your Stack

Attackers Wrap QR Codes in MFA and IT Pretexts

Sandbox Post-Click Detection Arrives Too Late

Image OCR Is Easy to Defeat with Format Tricks

An Abnormal Approach to Stopping QR Code Attacks

How Abnormal Stops Quishing

Over 25% of the Fortune 500 Trust Abnormal AI to Make Automated, Critical Security Decisions

Real Results from Security Teams

“Abnormal's automation gives our analysts time back to work on other projects, and the fact that it's API-based gives us flexibility to tie in other applications and their data.”

“Our goals are to get away from being so reliant on human judgment and leverage AI to be proactive. Abnormal helps us with those goals.”

FAQ

Related Resources

See the Quishing Your Filters Are Missing