Phishing is a longstanding danger of the digital world that most people are aware of. Whether it happens via email, text message, social media, or any other means, phishing presents a risk to all users. In recent years, the growing popularity of QR codes for all manner of operations has created an environment ripe for cybercriminals to take advantage of. All of the dangers of other sorts of phishing are just as present in the case of QR phishing, and the relative novelty of this particular type of attack means that targets are less likely to be wary of scanning QR codes from unknown sources.
QR phishing is a form of phishing that takes advantage of quick response (or QR) codes. The attacker, often disguised as a legitimate individual or organization, will send the target a QR code and deceive them into scanning the code for what the target believes is a valid reason. The code then leads the target to wherever the attacker wants them directed, be it a spoofed login page or a landing page that downloads malware.