Boosting Quishing Awareness 91% Success
Learn how a major retail company secured its business against phishing threats, ensuring customer trust and securing financial transactions.
Introduction
A leading US-based retail company operated over 6,000 stores in 25 countries, employing approximately 27,000 people. The company integrated QR codes to connect offline and online shopping experiences, placing them alongside products, on payment kiosks, at storefronts, and on product packaging.
This strategy, however, introduced the threat of QR code phishing. With a large workforce, equipping employees to recognize and respond to these threats was essential.
The company looked for a security awareness training vendor capable of stopping QR phishing attacks. Keepnet was selected based on its inclusive security awareness approach, combining advanced technical defenses with a strong focus on employee training and awareness.
Successful Outcomes
Saved $89.500 per year from incident handling processes.
Prevented a $1,897,560 potential loss annually.
Improved their ability to recognize QR phishing by 91% in a year.
Reduced human risk score from 45% to 80%.
Increased training success from 57% to 94%.
Impact of QR Phishing Attacks
QR code phishing attacks pose substantial risks, considering the company's extensive international presence and the responsibility of managing human risk, which accounts for 95% of all cybersecurity incidents.
Legal Compliance Risks: Inadequate training of employees in recognizing and responding to QR code phishing attacks could lead to legal penalties and actions. This situation demands rigorous and consistent cybersecurity training.
Financial impact: QR code phishing attacks can lead to data breaches and potentially result in ransom demands. These incidents incur costs regarding incident response and mitigation and can lead to substantial financial losses.
Reputation at stake: Keeping customer trust is essential for a large brand. Any compromise in data integrity due to phishing attacks can severely damage the company's reputation among customers, employees, and business partners.
Operational disruptions: Responding to QR code phishing attacks requires significant resources and can disrupt regular business operations.
Potential Loss Prevented
The average loss per individual | $502 |
Employees recognizing and reporting Quishing | from 77% to 88% in 1 year |
The total potential loss prevented: $1,897,560 annually | |
Cost Saved From Incident Response
Avg. time to respond to a QR Code Phishing incident | from 6 hours to 2 minutes |
The average cost of one staff | $60 per hour |
The cost of a single Phishing incident reduced | from $360 to $2 |
The average number of Phishing incidents reported per year | 250 |
The total estimated cost savings are $89,500 annually (reducing the cost from $90.000 to $500). | |
How the Company Reduced QR Phishing Attacks
Implemented QR code phishing simulations to assess and improve employees' readiness against QR code phishing, providing practical, hands-on experience.
Developed and executed a focused security awareness training program specifically targeting QR code phishing attacks.
Utilized expert consultation to stay ahead of emerging threats and create effective phishing campaigns.
Enhanced the reporting culture by training employees on proper reporting mechanisms and providing phishing reporting tools, enabling swift incident response.
Ensured regulatory compliance through regular phishing tests and training sessions, minimizing legal risks.
Adopted behavior-based automated security training, monitoring employee cybersecurity actions and sending targeted training for specific misbehaviors.
Operational Results
Trained 27,000 employees worldwide, boosting security awareness.
Improved risk score from 45% to 80%, strengthening cybersecurity posture.
Reduced human risk score from 80% to 45%, strengthening cybersecurity posture.
Achieved a 91% success rate in identifying and reporting phishing attempts.
Increased training success from 57% to 94%, demonstrating effective training methods.
Strategic Results
Saved $89,500 from the incident handling process per year.
Prevented a $1,897,560 potential loss annually.
Ensured adherence to cybersecurity regulations, enhancing organizational reassurance.
Improved cybersecurity defenses through an effective incident response plan.
“In our retail operations, QR code usage was a top priority. Partnering with Keepnet Labs has been a strategic move to strengthen our defenses against QR code phishing. We focus on equipping our 27,000 employees across 6,000 stores with the necessary skills to identify and prevent these threats, ensuring our customers' safety and our brand's integrity."