Intel Name: From qr to compromise: the growing “quishing” threat
Date of Scan: October 18, 2024
Impact: High
Summary: Attackers are using QR codes in PDF email attachments to spearphish corporate credentials from mobile devices, prompting security professionals to stay vigilant against evolving threats. The Sophos X-Ops team recently investigated phishing attacks that targeted several employees, with one falling victim and revealing their information. This technique, known as “quishing” (a blend of “QR code” and “phishing”), uses QR codes to quickly share URLs. Unlike plain text URLs, QR codes are harder to scrutinize, making them a deceptive tool for attackers.