{"id":14608,"date":"2026-06-12T17:34:01","date_gmt":"2026-06-12T14:34:01","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=14608"},"modified":"2026-06-12T17:34:58","modified_gmt":"2026-06-12T14:34:58","slug":"ascii-qr-phishing","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/ascii-qr-phishing\/14608\/","title":{"rendered":"Unutulmu\u015f bir sanat, kimlik av\u0131 e-postalar\u0131na girdi"},"content":{"rendered":"<p>QR kodlar\u0131n\u0131n kimlik av\u0131 doland\u0131r\u0131c\u0131l\u0131klar\u0131nda nas\u0131l kullan\u0131ld\u0131\u011f\u0131na dair defalarca yazd\u0131k. <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security\/mail-security-appliance?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">G\u00fcvenli e-posta a\u011f ge\u00e7idimiz<\/a>, bu kodlar\u0131 okumak i\u00e7in gerekli <a href=\"https:\/\/www.kaspersky.com\/blog\/qr-phishing-protection-technology\/53146\/\" target=\"_blank\" rel=\"noopener nofollow\">teknolojiyi<\/a> de bar\u0131nd\u0131r\u0131r (sadece e-postalardan de\u011fil, eklerden de) ve yerle\u015fik ba\u011flant\u0131lar\u0131 kontrol eder. Yine de sald\u0131rganlar, kurbanlar\u0131na QR kodlar\u0131 g\u00f6nderme giri\u015fimlerinden vazge\u00e7mi\u015f de\u011filler. Son zamanlarda, bu ama\u00e7la ASCII sanat\u0131n\u0131, yani karakterlerden olu\u015fan resimleri, giderek daha s\u0131k kulland\u0131klar\u0131n\u0131 g\u00f6r\u00fcyoruz. Bu durum; bir zamanlar kimlik avc\u0131lar\u0131n\u0131n ba\u011flant\u0131lar\u0131 resimlerin i\u00e7ine gizleyerek ba\u011flant\u0131 taramas\u0131ndan ka\u00e7maya \u00e7al\u0131\u015ft\u0131klar\u0131n\u0131, \u015fimdi ise tekrar metne d\u00f6nerek resim taramas\u0131ndan ka\u00e7maya \u00e7al\u0131\u015ft\u0131klar\u0131n\u0131 d\u00fc\u015f\u00fcn\u00fcrsek, \u00f6zellikle ironik g\u00f6r\u00fcn\u00fcyor. Ama birka\u00e7 s\u00fcrprizle.<\/p>\n<h2>Kay\u0131p ASCII sanat\u0131 nedir ve sald\u0131rganlar bunu nas\u0131l kullan\u0131r?<\/h2>\n<p>Bug\u00fcn inanmas\u0131 zor olsa da, bir zamanlar bilgisayarlar grafik g\u00f6r\u00fcnt\u00fcleyemiyordu. Sonu\u00e7 olarak, ilk bilgisayar g\u00f6r\u00fcnt\u00fcleri metin karakterlerinden olu\u015fturuldu. 1963 y\u0131l\u0131nda standard\u0131n kabul edilmesinin ard\u0131ndan, g\u00f6r\u00fcnt\u00fclerin farkl\u0131 bilgisayarlarda ayn\u0131 g\u00f6r\u00fcnmesini sa\u011flamak amac\u0131yla bu t\u00fcr grafik tasar\u0131mlarda <a href=\"https:\/\/tr.wikipedia.org\/wiki\/ASCII\" target=\"_blank\" rel=\"noopener nofollow\">ASCII<\/a> (Amerikan Bilgi De\u011fi\u015fimi Standart Kodu) karakter k\u00fcmesinden karakterler kullan\u0131ld\u0131. Zamanla, g\u00f6r\u00fcnt\u00fc olu\u015fturmak i\u00e7in ba\u015fka metin sembolleri (\u00f6rne\u011fin, geni\u015fletilmi\u015f Unicode k\u00fcmesinden) kullan\u0131lmaya ba\u015fland\u0131, ancak \u201cASCII grafikleri\u201d ad\u0131 bu sanat bi\u00e7imini bir b\u00fct\u00fcn olarak tan\u0131mlamak i\u00e7in kullan\u0131lan terim olarak kald\u0131. Bu alanda \u00e7al\u0131\u015fan ciddi sanat\u00e7\u0131lar vard\u0131; ilk web siteleri ASCII sanat\u0131 kullan\u0131larak tasarlanm\u0131\u015ft\u0131 ve hatta ilk bilgisayar pornografisi bile metin karakterleriyle olu\u015fturulmu\u015ftu.<\/p>\n<p>G\u00f6r\u00fcnt\u00fc g\u00f6r\u00fcnt\u00fcleme teknolojisi geli\u015ftik\u00e7e, ASCII sanat\u0131 modas\u0131 yok olmaya y\u00fcz tuttu. 2000\u2019li y\u0131llarda, e-posta spam\u2019inin en yo\u011fun oldu\u011fu d\u00f6nemde b\u00fcy\u00fck bir canlanma ya\u015fad\u0131. O zamanlar, spam g\u00f6nderenler bunu \u00f6ncelikle, posta filtrelerini tetikleyebilecek bariz spam anahtar kelimelerini gizlemelerine olanak tan\u0131d\u0131\u011f\u0131 ve ayn\u0131 zamanda resimlere k\u0131yasla posta sunucular\u0131na daha az y\u00fck bindirdi\u011fi i\u00e7in kullan\u0131yorlard\u0131. Ayr\u0131ca o d\u00f6nemde bir\u00e7ok kullan\u0131c\u0131 internet trafi\u011fi hacmi i\u00e7in \u00fccret \u00f6dedi\u011fi i\u00e7in, e-posta istemcilerinde genellikle resim y\u00fckleme \u00f6zelli\u011fini devre d\u0131\u015f\u0131 b\u0131rak\u0131rd\u0131. Elbette o d\u00f6nemde, e-posta g\u00fcvenlik \u00e7\u00f6z\u00fcmlerimizi ASCII sanat\u0131n\u0131 engellemek \u00fczere \u00f6zel olarak tasarlanm\u0131\u015f teknolojilerle g\u00fc\u00e7lendirdik.<\/p>\n<p>\u015eimdi ASCII sanat\u0131 yeniden ke\u015ffedildi. Bu kez, resimlerdeki QR kodlar\u0131n\u0131 tan\u0131yan teknolojileri atlatmak isteyenler taraf\u0131ndan.<\/p>\n<h2>ASCII sanat\u0131 tabanl\u0131 kimlik av\u0131 neye benzer?<\/h2>\n<p>\u0130\u015fte yeni bir \u00f6rnek. Bahane olduk\u00e7a s\u0131radan: Birisi kurbana DocuSign arac\u0131l\u0131\u011f\u0131yla gizli bir belge g\u00f6ndermi\u015f gibi g\u00f6r\u00fcn\u00fcyor, ancak belgeyi a\u00e7mak i\u00e7in al\u0131c\u0131n\u0131n e-postadaki QR kodunu tarayarak bir web sitesine girip kurumsal oturum a\u00e7ma bilgilerini girmesi gerekiyor.<\/p>\n<div id=\"attachment_14613\" style=\"width: 792px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2026\/06\/12172115\/ascii-qr-phishing-letter.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-14613\" class=\"wp-image-14613 size-full\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2026\/06\/12172115\/ascii-qr-phishing-letter.jpg\" alt=\"ASCII sanat\u0131 ile olu\u015fturulmu\u015f bir QR kodu\" width=\"782\" height=\"689\"><\/a><p id=\"caption-attachment-14613\" class=\"wp-caption-text\">Unicode karakterleriyle olu\u015fturulmu\u015f bir QR kodu. K\u00f6t\u00fc ama\u00e7l\u0131 ba\u011flant\u0131n\u0131n taranmas\u0131n\u0131 \u00f6nlemek i\u00e7in kodun bir k\u0131sm\u0131n\u0131 bulan\u0131kla\u015ft\u0131rd\u0131k.<\/p><\/div>\n<p>Kabul etmek gerekirse, kod biraz tuhaf g\u00f6r\u00fcn\u00fcyor. Bunun ba\u015fl\u0131ca nedeni, resmin par\u00e7a par\u00e7a s\u00f6zde grafik \u00f6\u011felerle \u00e7izilmi\u015f olmas\u0131 ve hatta \u00e7izgiler aras\u0131ndaki bo\u015fluklar\u0131n bile g\u00f6r\u00fclebilmesidir. Asl\u0131nda, e-posta mesaj\u0131n\u0131n kodunda ger\u00e7ek bir resim yoktur; QR kodu arka planda \u015funa benzer bir \u015fekle sahiptir:<\/p>\n<div id=\"attachment_14611\" style=\"width: 1895px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2026\/06\/12172044\/ascii-qr-phishing-code.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-14611\" class=\"wp-image-14611 size-full\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2026\/06\/12172044\/ascii-qr-phishing-code.jpg\" alt=\"E-posta kodundaki ASCII sanat\u0131\" width=\"1885\" height=\"185\"><\/a><p id=\"caption-attachment-14611\" class=\"wp-caption-text\">E-posta kodundaki ASCII sanat\u0131<\/p><\/div>\n<p>Sonu\u00e7 olarak, ba\u011flant\u0131 taray\u0131c\u0131lar\u0131 bu ba\u011flant\u0131y\u0131 alg\u0131layamaz ve g\u00f6rsel analiz ara\u00e7lar\u0131 da QR kodunun i\u00e7inde gizlenmi\u015f URL\u2019yi bulamaz; bu nedenle sald\u0131rganlar, kimlik av\u0131 e-postas\u0131n\u0131n kurbana sorunsuz bir \u015fekilde ula\u015faca\u011f\u0131n\u0131 d\u00fc\u015f\u00fcn\u00fcr. Spoiler uyar\u0131s\u0131: Hay\u0131r, ASCII sanat\u0131n\u0131 engellemeyi unutmad\u0131k.<\/p>\n<h2>E-postada bir QR kodu olmas\u0131 normal mi?<\/h2>\n<p>Teorik olarak, QR kodu kullanman\u0131n mant\u0131kl\u0131 oldu\u011fu durumlar vard\u0131r. Ki\u015fileri, bir mobil uygulaman\u0131n ba\u011flant\u0131s\u0131n\u0131, harita konumunu veya bir yap\u0131land\u0131rmay\u0131 payla\u015fmak i\u00e7in olduk\u00e7a kullan\u0131\u015fl\u0131 bir y\u00f6ntemdir. Ba\u015fka bir deyi\u015fle, bilginin al\u0131c\u0131n\u0131n mobil cihaz\u0131na \u00f6zel olarak iletilmesi gerekti\u011finde bu y\u00f6ntem olduk\u00e7a etkili olur.<\/p>\n<p>Ancak, bir QR kodu kullanarak sizi bir mobil cihazda kurumsal kimlik bilgilerinizi girmeye y\u00f6nlendiren bir durum, hemen dikkat \u00e7ekici bir tehlike i\u015faretidir. Ve bu QR kodu ASCII sanat\u0131 kullan\u0131larak olu\u015fturulmu\u015fsa, bu a\u00e7\u0131k\u00e7a bir kimlik av\u0131 giri\u015fimi ya da sizi k\u00f6t\u00fc ama\u00e7l\u0131 bir URL\u2019ye y\u00f6neltme \u00e7abas\u0131d\u0131r. Bu hilenin tek bir amac\u0131 olabilir: G\u00fcvenlik kontrollerini atlatmaya \u00e7al\u0131\u015fmak.<\/p>\n<h2>Nas\u0131l g\u00fcvende kalabilirsiniz?<\/h2>\n<p>ASCII sanat\u0131 i\u00e7ersin ya da i\u00e7mesin, kimlik av\u0131 e-postalar\u0131n\u0131n \u00e7al\u0131\u015fanlar\u0131n gelen kutular\u0131na ula\u015fmas\u0131n\u0131 \u00f6nlemek i\u00e7in, geli\u015fmi\u015f Kimlik Av\u0131 Korumas\u0131 \u00f6zelliklerine sahip <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security\/mail-security-appliance?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">g\u00fcvenli bir e-posta a\u011f ge\u00e7idi<\/a> kullanman\u0131z\u0131 \u00f6neririz. Ek bir g\u00fcvenlik \u00f6nlemi olarak, internete eri\u015fim i\u00e7in kullan\u0131lan t\u00fcm u\u00e7 noktalara <a href=\"https:\/\/www.kaspersky.com.tr\/next?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kdaily_wpplaceholder_sm-team___knext____99cf0f930d9987ff\" target=\"_blank\" rel=\"noopener\">g\u00fcvenlik \u00e7\u00f6z\u00fcmleri<\/a> kurun.<\/p>\n<p>Ayr\u0131ca, \u00e7al\u0131\u015fanlar\u0131 g\u00fcncel kimlik av\u0131 taktikleri konusunda bilgilendirmek amac\u0131yla d\u00fczenli <a href=\"https:\/\/k-asap.com\/tr\/?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______&amp;utm_source=kdaily&amp;utm_medium=blog&amp;utm_campaign=tr_wpplaceholder_nv0092&amp;utm_content=link&amp;utm_term=tr_kdaily_organic_avmwswubv8qh92b\" target=\"_blank\" rel=\"noopener\">g\u00fcvenlik fark\u0131ndal\u0131\u011f\u0131 e\u011fitimleri<\/a> d\u00fczenlenmesini \u00f6neriyoruz. \u00d6zellikle, g\u00fcn\u00fcm\u00fcz e-postalar\u0131ndaki ASCII sanat\u0131n\u0131n, bir kimlik av\u0131 sald\u0131r\u0131s\u0131 giri\u015fiminin a\u00e7\u0131k bir i\u015fareti olabilece\u011fini a\u00e7\u0131klamak i\u00e7in.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-trial-leadgen\">\n","protected":false},"excerpt":{"rendered":"<p>Kimlik avc\u0131lar\u0131 QR kodlar\u0131n\u0131 maskelemek i\u00e7in ASCII kullan\u0131yor. <\/p>\n","protected":false},"author":2598,"featured_media":14609,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[1921,1074,2414],"class_list":{"0":"post-14608","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-e-posta","11":"tag-kimlik-avi","12":"tag-qr-kodlari"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/ascii-qr-phishing\/14608\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/ascii-qr-phishing\/30736\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/ascii-qr-phishing\/25785\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/ascii-qr-phishing\/30583\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/ascii-qr-phishing\/32206\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/ascii-qr-phishing\/41897\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/ascii-qr-phishing\/55789\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/ascii-qr-phishing\/25067\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/ascii-qr-phishing\/33595\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/ascii-qr-phishing\/30680\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/ascii-qr-phishing\/36242\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/ascii-qr-phishing\/36135\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/kimlik-avi\/","name":"kimlik av\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/14608","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2598"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=14608"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/14608\/revisions"}],"predecessor-version":[{"id":14615,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/14608\/revisions\/14615"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/14609"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=14608"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=14608"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=14608"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}