Israeli phishing protection startup Ironscales Ltd. today announced an update to its platform capabilities aimed at bolstering defenses against the surge in image-based phishing attacks, including those using QR codes.

The Ironscales Fall 2023 release introduces sophisticated machine learning protections tailored to counter image-based threats, as well as automation features for phishing simulation testing. The threats covered by the update include protection from “quishing,” or QR code phishing, business email compromise and image-based attacks that bypass conventional language processing defenses.

The updates are aimed at addressing the rapid advancement in generative artificial intelligence technology, which has significantly expanded the tools available to cyber criminals. Ironscales data analysts observed an alarming 215% increase in image-centric phishing emails in the third quarter of 2023, with the use of malicious QR codes a particular standout.

Ironscales’ platform now employs optical character recognition and deep-text and image processing to identify and thwart such attacks before they reach end-users. The new features integrate enhanced image recognition and analysis into the company’s behavioral analysis framework.

A new autonomous phishing simulation testing functionality reduces processing time for information technology and security teams by creating timely and relevant simulation campaigns. Ironscales’ customers can skip the manual setup process and put their phishing simulation testing on autopilot, ensuring they deliver phishing simulations based on real-world examples of email attacks.

Enhanced reporting for organization visibility and improved employee awareness in the release deliver enhanced reporting that includes metrics, according to the company, and a comprehensive summary of simulation testing campaign results to compare against industry benchmarks, identify training gaps, measure effectiveness and improve future campaign strategy.

“Phishing threats are rapidly evolving in sophistication and it’s more crucial than ever for organizations to ensure their employees are trained and prepared so they can be a vital layer of defense against these attacks,” Chief Executive Eyal Benishti said. “Our job is to take the burden off security teams for threat detection and training of their employees. We think that our new Fall ’23 release is going to do just that.”

Ironscales was last in the news in June when it launched an artificial intelligence tool for Microsoft Outlook designed to empower users in threat detection and reporting. Called Themis Co-pilot, the service gives users the necessary tools to detect and report emerging threats, regardless of their role or cybersecurity expertise.

Image: Ironscales