Help
FortiMail
FortiMail provides advanced, multi-layer protection against the full spectrum of email-borne threats
gmichailidis
Staff
Staff

Created on ‎11-01-2022 09:00 AM Edited on ‎08-26-2025 12:26 AM By Moderator

Article Id 228594

Technical Tip: QR code URL detection

Description

 

This article explains how to detect QR-coded URL categories in the body of an email.

 

Scope

 

FortiMail v7.2, v7.4, v7.6, v7.8.

 

Solution

 

QR codes can be scanned to direct users to websites associated with the codes.

It is possible to enable QR code URL scanning, which queries the websites associated with the QR codes on FortiGuard and takes action depending on the URL category.

Run the following configuration to enable this feature:

 

config antispam settings

    set qr-code-url-scan-option attachment-image inline-image

    set qr-code-url-scan-status enable

end

 

Note:

Starting from v7.4.0, a new feature 'QR Code URL in Attachment' has added a QR code URL scan in the email attachment. Only inline QR codes were scanned before.

 

QR code URL scan.png

 

Sample Log:

The cross-search log below indicates that the URL was extracted from the QR code and identified as category: phishing.

 

QR_CODE.png

Labels:
5267
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.